Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

How to set up a Windows DHCP Superscope on the sonicwall TZ 205

I have my dhcp on Windows server 2012 r2. my IP addresses are almost all used up. I've created a second scope and created a super scope. This second scope is unable to access the internet, I've attempted looking through KB and have found different issue but none answer.

Category: Firewall Management and Analytics
Reply
Tagged:

Answers

  • SaravananSaravanan Moderator

    Hi @LANNYE,

    Thank you for visiting SonicWall Community.

    I presume you created the second scope and super scope on the same subnet as that of the existing DHCP scope. The client PC's are able to get the DHCP IP addresses from the second scope but they are unable to access the Internet. Do I sound right? If yes, could you please check if you can ping the SonicWall's LAN interface IP which should be the gateway for the client PC's? Also, try to ping an external IP address like 4.2.2.1 from the same client PC. We can figure out the root cause this way.

    Please keep me posted.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • LannyELannyE Newbie ✭

    Here's my set up:

    working scope: 172.16.10.0

    • IP addresses 172.16.10.100 - 172.16.10.253
    • router 172.16.10.1
    • DNS Servers 172.16.10.30,172.16.10.32
    • DNS Domain name: energy.com

    Second Scope 172.16.30.0

    • IP Addresses 172.16.30.1 to 172.16.30.253
    • router 172.16.10.254
    • DNS Servers 172.16.10.30,172.16.10.32
    • DNS Domain name: energy.com

    DHCP isn't assigning IP addresses from Second scope but I've assigned a device with IP address static (172.16.30.5) and it won't connect to the internet.

    I can ping from SERVER external 4.2.2.1 but can't ping 172.16.30.5


    I feel like I've missed a step. any help would be greatly appreciated.

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    What subnet masks are you using on your scopes and firewall interfaces?

  • SaravananSaravanan Moderator

    Hi @LANNYE,

    Thank you for the detailed setup info.

    If the subnet mask is 255.255.255.0, then it is going to be a problem. Do you have both these subnets configured on the SonicWall? Is SonicWall aware of the super scope subnet by either creating VLAN's or route policy? Kindly let me know which subnet out of these scopes is configured on the SonicWall and I can suggest further.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • AjishlalAjishlal Community Legend ✭✭✭✭✭

    Hi @LannyE

    For clients in different subnets from DHCP server, we need to set DHCP relay agent, for example, if the DHCP server's IP is 192.168.1.x in subnet 192.168.1.0/24, then for subnet 192.168.2.0/24 and 192.168.3.0/24, you need to set DHCP relay agent on network devices.

    For the workaround, Try to apply below steps.

    Step-1 (Assuming you dont have manageable switch or core switch in between sonicwall & DHCP Server)

    Create a sub-interface under X0 with your new scope subnet for example;

    Assume your first scope router IP (172.16.10.1) is Sonicwall X0 IP

    Then create your super scope as same as below.

    working scope: 172.16.10.0

    • IP addresses 172.16.10.100 - 172.16.10.253
    • router 172.16.10.1
    • DNS Servers 172.16.10.30,172.16.10.32
    • DNS Domain name: energy.com

    Second Scope 172.16.30.0

    • IP Addresses 172.16.30.1 to 172.16.30.253
    • router 172.16.30.1
    • DNS Servers 172.16.10.30,172.16.10.32
    • DNS Domain name: energy.com

    Last Step;

    Add the super scope Server IP into your LAN NIC.

    Open the DHCP Server Local Area Connection and click properties

    Click on Advanced Tab --> add your new subnet server IP. (Assuming new server IP is 172.16.30.254). As well as add additional gateway IP as your X0 virtual subnet IP (172.16.30.1)

    NB: If you have a manageable switch in between SonicWALL & DHCP Server, Let me know will share with you very simple workaround & no need to create additional interface in sonicwall for the new subnet.

  • prestonpreston All-Knowing Sage ✭✭✭✭

    Hi @LannyE , I might be missing the point here, but why didn't you just change the subnet mask on th X0 Interface from 255.255.255.0 to 255.255.254.0 ? this would have giving you double the DHCP entries, then all you would need to do is change the subnet mask on Static devices to match.

  • LannyELannyE Newbie ✭

    I would do that but the windows DHCP requires me to export the configuration, edit the txt file, upload it and then update configuration on 6 servers, 2 Dev servers, printers, access points. I only need additional IP addresses for devices

  • prestonpreston All-Knowing Sage ✭✭✭✭
    edited July 2021

    @LannyE , the only other option I can see is if you add a Static ARP Entry on the SonicWall for the X0 Interface say 192.168.30.1 and then on your DHCP scope for the 192.168.30.0/24 change the router IP to be 192,168.30.1, this should work, are you not having any issues with the 192.168.30.X address being dropped as IP spoofs? if so also add a static route in to the firewall to say the destination 192.168.30.0/24 is routed via the X0 Interface, and try either the X0 IP add the Gateway address or create another address object for the 192.168.30.1 IP after you have created the Static ARP and use this as the gateway IP, (you may need to change the destination Address object to be a range from 192.168.30.2-254 as the routing may get confused as the X0 (Static ARP 192.168.30.1 is assigned to the X0)

  • prestonpreston All-Knowing Sage ✭✭✭✭


Sign In or Register to comment.