Need a separate internal network on TZ-500
DonDwild
Newbie ✭
Hi
I need to create a separate internal lan segment that has Internet access and DHCP. So I want it to not have access to anyone zones other than the WAN zone (so it can get internet access). Should I use a LAN zone as my zone type? I think I can create seperate DHCP address assignment for this zone (that is a non-used subnet). Once this is done, do I just assign this Zone to an unused interface (like X4 or X5) and write one access rule to give this Zone access to the WAN zone. Some quick steps would be helpful. Thanks
Category: Entry Level Firewalls
0
Answers
Depending on its use if you assign it the same LAN zone the default zone rules apply.
If you assign this as a DMZ you have DMZ-WAN and LAN-DMZ but no DMZ to LAN without specific rules.
you can create zones based on Trusted or Public and name them as you require.
here's the KB article
https://www.sonicwall.com/support/knowledge-base/how-do-zones-work-in-sonicos/170503731702241/
I just want this to be a separate internal lan segment with DHCP and Internet access.
The short answer to your original question is: Yes.
Here's how I have my LAN and one of my LAB environments:
You can then go to Access Rules to ensure isolation between your LAN and secondary environment.