Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Internet configure

I have two internet links in failover mode on a SONICWALL SOHO, the main link connected to X1 and the secondary link to X2. In X0 I have the network 192.168.1.1 with DHCP of this network. On X3 I have the 192.168.2.1 network also with DHCP on this network. I even wanted everything right.

The 192.168.1.1 network receives the failover links. I would like to configure the 192.168.2.1 network to receive only the main link. The main link falling, I do not want the 192.168.2.1 network to receive internet from the secondary link. How would I do this setup?

Category: Firewall Management and Analytics
Reply

Answers

  • SaravananSaravanan Moderator

    Hi @MORORÓ,

    Thank you for reaching us on SonicWall Community.

    As per your information, you would like to get 192.168.2.x subnet to utilize the primary WAN link for Internet access as you have primary and secondary WAN links in failover configured on SonicWall.

    Yes, we can achieve this by adding a static route on the SonicWall as shown below. Create the static route in MANAGE | System Setup | Network | Routing section in the SonicWall GUI.

    Please try and let us know if any clarification.

    Have a good one...

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • MororóMororó Newbie ✭

    Good night, SARAVANAN!

    I did the suggested configuration and the 192.168.2.0 network continued to access the two links. I disconnected the main link and the 192.168.2.0 network continued to access the internet.

    As the network is configured, the two networks (192.168.1.0 and 192.168.2.0) continue to access the two links, primary and secondary, configured in failover (the primary falls, the secondary takes over). The configuration I would like to do is for the 192.168.2.0 network to have access to the internet only through the main link. This falling, the 192.168.2.0 network loses connection to the internet. But the 192.168.1.0 network continues to be accessed by the secondary link.

  • SaravananSaravanan Moderator

    @MORORÓ - Gotcha. So, you need to provide Internet access to 192.168.2.x subnet only via primary WAN (X1). Even when primary WAN link is down, the Internet access for 192.168.2.x shouldn't be available.

    My bad, as I assumed that when failover happens 192.168.2.x should take secondary WAN for Internet access. Please try the steps defined below.

    a. Create an Address Object for any external public IP address that is pingable. For example: Google DNS servers like 4.2.2.2, 8.8.8.8, 4.2.2.1, etc,., The address object details are below,

    • Name: Any Friendly Name
    • Zone Assignment: WAN
    • Type: Host
    • IP Address: 8.8.8.8

    b. Create a Network Probe Policy as shown below,

    c. Delete the previously created route and add a new route as depicted below,

    With the above route along with probe target in place, the Internet access via X2 interface is always blocked for 192.168.2.x subnet when the target 8.8.8.8 is reachable. Since X1 is the primary WAN in the failover and LB settings, there are default routes in the firewall that can get the subnet 192.168.2.x to access Internet via X1.

    Please try this and let us know. I'll have this published as a KB once you confirm the functioning.

    Have a good day!!!

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • MororóMororó Newbie ✭

    Good afternoon, SARAVANAN!

    Even following the suggested steps, the X2 internet, secondary, still goes out through X3.

    Did not work

  • MororóMororó Newbie ✭

    Good Morning!

    I am waiting for an answer to proceed with the configuration.

  • SaravananSaravanan Moderator

    Hi @MORORÓ,

    Sorry for the delay in response.

    The suggested steps should work as per my testing in our lab. We may need to handle this via real-time troubleshooting session. Please approach our support team for immediate live assistance on this.

    Have a good day!!!

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

Sign In or Register to comment.