Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

NSA 2600 affecting to WAN network

BoralexxBoralexx Newbie ✭
in Entry Level Firewalls

The problem is following:

My local network worked properly until SonicWall NSA 2600 has appeared. Pings were quick and stable. After setting up a Toshiba's hardware, they wanted use 1 my IP to get internet and get acces to several servers from my network - for Sonicwall this IP was WAN-port, but their internal network (after Sonicwall) intended to be inaccesible for me. OK. After a few days of working I have seen that my pings became long, unstable and some virtual Windows servers lost access to the network printers, Radmin connections became long and nonadequate, Windows network browsers does not show all resources and so on... I've noticed that ARP table in my computer contains many unexisting IP equal to only 1 MAC of Sonicwall and this MAC overrides even some existing IP ! When power down this device - my network starts working excellent, everything is seen and OK. After powering up - situations is just the same. "Advanced IP scanner" shows the same - many IP addresses have the same Sonicwall MAC

Service ingeneer says - it not a their problem, Dell is a great company, blablabla, you are using inadequate HP switches, Kerio Control firewalls, etc. I have access to Web administration of Sonic and it seems to me that only 1 checkbox must be un/checked and all will work properly.

Please, help me. Thank you in advance

in attached screenshots are pings with and without Sonic

without sonic.JPG


with sonic.JPG


Category: Entry Level Firewalls
Reply

Answers

  • MitatOngeMitatOnge All-Knowing Sage ✭✭✭✭

    Hi @Boralexx ,


    can you check below settings.

    • IPS Low level prevention unchecked
    • Switch mtu size and sonicwall Lan interface MTU size must be same.
    • Gateway AV Tcp Streaming uncheked.
    • no Connection limit on each access rules advanced tab.
    • Firewall Settings / Advanced / Control Plane Flood Protection will be unchecked.
    • during the ping test check pinged ip into the log. ( Log template must be debug)

    if you share these menues screenshot may be I can help you.

  • BoralexxBoralexx Newbie ✭

    @MITATONGE thank You for attention to my problem

    The problem was partially solved, I had updated Kerio Control with an additional LAN 192.168.28.0 subnet on the same copper network and moved the WAN IP of this Sonic from 192.168.25.2 to 192.168.28.2. After that, my whole 25 network started working quickly, ARP in Sonic was cleared of 25 addresses and now only contains 28 addresses, ARP 25 of subnets does not have a Sonic MAC at all. Kerio has automatically set up routes between subnets 25 and 28, and now ToshibaLAN comps have access to my servers. But I don’t know which checkbox to uncheck

    In monday I'll inspect sonic webface.

Sign In or Register to comment.