Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

TZ470 allow traffic between zones

johnswenson1johnswenson1 Newbie ✭
in Entry Level Firewalls

I have a TZ470 with 5 zones, I want computers on LAN to be able to see and talk to computers on the TECH zone. I have added two access rules, one LAN to TECH with ANY on everything, and one TECH to LAN with ANY on everything. I'm on a computer in the LAN zone and try pinging the addresses (in the TECH subnet) of devices I know are on and get nothing.

Do I need to add a routing rule as well? Is there something special I need to do on the access rules?

John S.

Category: Entry Level Firewalls
Reply

Best Answer

Answers

  • johnswenson1johnswenson1 Newbie ✭

    I found the problem. I can't get to church right now so I had someone turn the booth on and all the equipment, but someone else came along and turned everything off, even though there was a big note saying to leave everything on. The only thing running were two rpis that were plugged into the always on strip. All the access rules in the world aren't going two help if everything is not powered.

    Thanks,

    John S.

  • johnswenson1johnswenson1 Newbie ✭

    I tried again today, I had some turn on the booth and computers. Now I can see some, but not all. The ones that get DHCP leases from the TZ470 I can see, but the ones with static IP addresses in the devices I cannot see. I checked this thoroughly and that seems to be the issue. Somehow packets from devices with static IP addresses are not allowed. Anybody have any clue what might be causing this?

    The access rules have a lot of stuff about security profiles etc, I just left everything default, is there something that needs to be changed to allow static addresses to go between zones. All the static addresses are below the minimum address in the DHCP pool for the TECH zone. But I am using Any for the source and destination addresses in the rules so I don't thing that should cause any issue.

    Thanks,

    John S.

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @johnswenson1 my best guess would be, that either the Subnet mask or the Default Gateway of the statically configured clients does not matach your configuration. Make sure they are correct.

    —Michael@BWC

Sign In or Register to comment.