Ping and traffic between X Ports

Hello,

I worked a lot with other firewalls like Sophos, Securepoint, Lancom, TP-Link and so on, but Sonicwall seems to be very special.

I've been trying for about 3 days now to get the firewall to ping between port X0 (LAN : 10.0.0.0/24) and port X2 (LAN2 : 192.168.0.0/24).

The ports themselves can be pinged, but the devices and clients behind them not.

Neither pingable nor reachable from the other subnet.

The Sonicwall itself can ping the clients in both subnets.

I set policy rules and checked "PING" and "Management traffic allowed" but nothing.

I'm too stupid to get that to work. :-(

What am I doing wrong? Where did I miss something?

It can't be that difficult.

On other firewalls it's easy to configure and get it to work.

I'm really getting desperate and about to give up.

I hope someone can help and give me a hint.


Thank you <3

Category: Entry Level Firewalls

Answers

  • TKWITS Community Legend ✭✭✭✭✭

    What do your firewall rules between LAN and LAN2 look like? Have you run a packet capture to see why the drop is occurring?

    Read up on Zone-based firewall concepts.



  • Nikuda Newbie ✭
    edited February 2023

    It's the default access rule:

    It says any to any, but ping won't work and reaching clients in "LAN-Intern" doesn't work, either.

  • BWC Cybersecurity Overlord ✭✭✭

    @Nikuda just crank up a Packet-Monitor and look for ICMP traffic, that'll show you if anything is getting dropped. If nothing gets dropped and you just see the "ECHO REQUEST" but no "ECHO REPLY" you probably have a routing problem or the switch isn't configured correctly.

    I assume X0 and X2 are connected to a switch and are sitting in different VLANs?

    You usually don't need to allow Management Traffic, unless you need to access the X2 IPv4 IP from a host connected to X0.

    --Michael@BWC

  • Nikuda Newbie ✭
    edited February 2023

    "I assume X0 and X2 are connected to a switch and are sitting in different VLANs?"

    No, there is no VLAN and no switch connected.

    I put my notebook, for testing, directly on X2 port.

  • Arkwright Community Legend ✭✭✭✭✭

    "The ports themselves can be pinged, but the devices and clients behind them not."

    The "Allow Management Traffic" option is specifically to handle traffic to the firewall. I wouldn't expect this to work when the destination is not the firewall, although it might.

  • Nikuda Newbie ✭

    "make sure your Windows Firewall isn't filtering anything out"

    That was the problem. Shame on me :-(

    I allowed ICMP through Windows Firewall but it doesn't work.

    It only worked when the Windows Firewall was switched off.

    New problem in Windows 11?


    Now ping works and the clients are reachable.

  • BWC Cybersecurity Overlord ✭✭✭

    @Nikuda I'm glad you've got that resolved :)

    --Michael@BWC
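
Added example, not part of any post in this thread: a way to keep Windows Firewall enabled on the client behind X2 and still answer pings from the X0 subnet. It lists the enabled inbound ICMPv4 rules with their remote-address scope (a rule scoped to `LocalSubnet` does not match a ping arriving from the other subnet) and adds an echo-request allow rule limited to 10.0.0.0/24, the X0 subnet from the original post. The rule name is made up for this example.

```powershell
# Run in an elevated PowerShell session on the Windows client behind X2.
$peerSubnet = '10.0.0.0/24'                              # X0 subnet from the thread
$ruleName   = 'Allow ICMPv4 echo from X0 LAN (example)'  # constructed name

# 1. Which firewall profile (Public/Private/Domain) applies to each interface?
Get-NetConnectionProfile |
    Select-Object InterfaceAlias, NetworkCategory

# 2. Enabled inbound ICMPv4 rules and the remote addresses they match.
#    Block rules take precedence over allow rules, so check Action as well.
Get-NetFirewallRule -Direction Inbound -Enabled True |
    ForEach-Object {
        $port = $_ | Get-NetFirewallPortFilter
        if ($port.Protocol -in 'ICMPv4', '1') {
            $addr = $_ | Get-NetFirewallAddressFilter
            [pscustomobject]@{
                Name          = $_.DisplayName
                Profile       = $_.Profile
                Action        = $_.Action
                IcmpType      = $port.IcmpType -join ','
                RemoteAddress = $addr.RemoteAddress -join ','
            }
        }
    } | Format-Table -AutoSize

# 3. Allow echo request (ICMP type 8) only from the other subnet,
#    instead of switching the firewall off. Skipped if the rule exists.
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName `
        -Direction Inbound -Action Allow `
        -Protocol ICMPv4 -IcmpType 8 `
        -RemoteAddress $peerSubnet -Profile Any
}

# To undo: Remove-NetFirewallRule -DisplayName $ruleName
```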
