How to set up a Windows DHCP Superscope on the sonicwall TZ 205
LannyE
Newbie ✭
I have my dhcp on Windows server 2012 r2. my IP addresses are almost all used up. I've created a second scope and created a super scope. This second scope is unable to access the internet, I've attempted looking through KB and have found different issue but none answer.
Category: Firewall Management and Analytics
Tagged:
0
Answers
Hi @LANNYE,
Thank you for visiting SonicWall Community.
I presume you created the second scope and super scope on the same subnet as that of the existing DHCP scope. The client PC's are able to get the DHCP IP addresses from the second scope but they are unable to access the Internet. Do I sound right? If yes, could you please check if you can ping the SonicWall's LAN interface IP which should be the gateway for the client PC's? Also, try to ping an external IP address like 4.2.2.1 from the same client PC. We can figure out the root cause this way.
Please keep me posted.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
Here's my set up:
working scope: 172.16.10.0
Second Scope 172.16.30.0
DHCP isn't assigning IP addresses from Second scope but I've assigned a device with IP address static (172.16.30.5) and it won't connect to the internet.
I can ping from SERVER external 4.2.2.1 but can't ping 172.16.30.5
I feel like I've missed a step. any help would be greatly appreciated.
What subnet masks are you using on your scopes and firewall interfaces?
subnet mask 255.255.255.0
Hi @LANNYE,
Thank you for the detailed setup info.
If the subnet mask is 255.255.255.0, then it is going to be a problem. Do you have both these subnets configured on the SonicWall? Is SonicWall aware of the super scope subnet by either creating VLAN's or route policy? Kindly let me know which subnet out of these scopes is configured on the SonicWall and I can suggest further.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
Hi @LannyE
For clients in different subnets from DHCP server, we need to set DHCP relay agent, for example, if the DHCP server's IP is 192.168.1.x in subnet 192.168.1.0/24, then for subnet 192.168.2.0/24 and 192.168.3.0/24, you need to set DHCP relay agent on network devices.
For the workaround, Try to apply below steps.
Step-1 (Assuming you dont have manageable switch or core switch in between sonicwall & DHCP Server)
Create a sub-interface under X0 with your new scope subnet for example;
Assume your first scope router IP (172.16.10.1) is Sonicwall X0 IP
Then create your super scope as same as below.
working scope: 172.16.10.0
Second Scope 172.16.30.0
Last Step;
Add the super scope Server IP into your LAN NIC.
Open the DHCP Server Local Area Connection and click properties
Click on Advanced Tab --> add your new subnet server IP. (Assuming new server IP is 172.16.30.254). As well as add additional gateway IP as your X0 virtual subnet IP (172.16.30.1)
NB: If you have a manageable switch in between SonicWALL & DHCP Server, Let me know will share with you very simple workaround & no need to create additional interface in sonicwall for the new subnet.
Hi @LannyE , I might be missing the point here, but why didn't you just change the subnet mask on th X0 Interface from 255.255.255.0 to 255.255.254.0 ? this would have giving you double the DHCP entries, then all you would need to do is change the subnet mask on Static devices to match.
I would do that but the windows DHCP requires me to export the configuration, edit the txt file, upload it and then update configuration on 6 servers, 2 Dev servers, printers, access points. I only need additional IP addresses for devices
The subnet masks are the same on both scopes.
@LannyE , the only other option I can see is if you add a Static ARP Entry on the SonicWall for the X0 Interface say 192.168.30.1 and then on your DHCP scope for the 192.168.30.0/24 change the router IP to be 192,168.30.1, this should work, are you not having any issues with the 192.168.30.X address being dropped as IP spoofs? if so also add a static route in to the firewall to say the destination 192.168.30.0/24 is routed via the X0 Interface, and try either the X0 IP add the Gateway address or create another address object for the 192.168.30.1 IP after you have created the Static ARP and use this as the gateway IP, (you may need to change the destination Address object to be a range from 192.168.30.2-254 as the routing may get confused as the X0 (Static ARP 192.168.30.1 is assigned to the X0)