Sonicwall WLAN to LAN help

I have a TZ 100 wireless that I have a 10.xx.xx.x set up on for the LAN. I have a 172.16.xx.xx set up on the WLAN.

I changed the single WLAN to LAN firewall rule that existed by default from Deny to Allow, and I can now ping cross-network resources, but I can't initiate anything like printer sharing, folder access (on a Windows Home Server OS), or even an RDP session.


What else do I need to activate to make this work?
 
Just a guess but possibly need to create a NAT policy allowing "ANY" between the two interfaces. If something isn't communicating properly in Enhanced OS it's often caused by improper NAT config.
If the unit is under support warranty you can call Sonicwall at 888-793-2830.
 
Shouldn't need any NAT rules as they are direct private networks.

Do you know this to be a fact with Sonicwall Enhanced OS or is this your thought based on other routers? You could be right, but based on my experience with Sonicwalls it wouldn't surprise me if something still needed to be set up in NAT policies. I've never attempted this with the wireless Sonicwalls because I prefer the 2 remain separate entities.
 
You could create a closed environment by statically assigning an IP to a wireless device and setting a rule from WLAN to LAN to allow that device to pass through to a specific station on your LAN side, to rule out some possibilities. Although my setup at work varies from yours, I do have an NSA 2400 and Sonicpoint NI's that I do this for printer and RD functionality and it works fine. Different networks and no NAT setup to achieve this.
 
NAT is not needed.

But you do need a firewall rule for the inverse direction.

Both directions should be set as such:
WLAN to LAN
Source: Any, Destination: Any, Service: Any - ALLOW
LAN to WLAN
Source: Any, Destination: Any, Service: Any - ALLOW

Also, make sure devices on either network are using the correct gateway address. Any device on the 172.16.x network should be using the Sonicwall's IP in that network as its primary gateway. For example: If you have the WLAN interface configured with IP 172.16.1.1, then the devices on that network should be using 172.16.1.1 as their primary gateway. The same goes for the 10.x network.

And make sure the WLAN interface is actually configured to the WLAN zone.
 
What stevewm and usr/home/ said. ICMP is being allowed, but you need to set a rule for traffic to flow back and forth, and open the policies to services ANY (allows everything) or pick the services you mentioned (printers, RDP, etc.).

NAT shouldn't be needed.
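
Added example, not part of any post in this thread: a small check, run from a wireless client, that tells apart the cases discussed above when ping works but RDP and file or printer sharing do not. The target address is constructed; 3389 and 445 are the default TCP ports for RDP and Windows file and printer sharing.

```python
import socket

# Default TCP ports for the services the original poster could not reach.
SERVICES = {"rdp": 3389, "smb-file-and-printer-sharing": 445}

def probe(host, port, timeout=2.0):
    """Classify one TCP connection attempt."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"          # handshake completed
    except ConnectionRefusedError:
        return "refused"       # a reset came back, normally from the host itself
    except socket.timeout:
        return "filtered"      # silence: dropped somewhere on the path
    except OSError:
        return "unreachable"   # no route, e.g. wrong gateway on the client
    finally:
        sock.close()

def diagnose(results):
    """Turn {service: state} into a hint about where to look next."""
    blocked = sorted(n for n, s in results.items()
                     if s in ("filtered", "unreachable"))
    refused = sorted(n for n, s in results.items() if s == "refused")
    if blocked:
        return ("no TCP reply on: " + ", ".join(blocked) +
                "; check the WLAN to LAN access rule, the client's gateway"
                " and the host firewall")
    if refused:
        return ("refused on: " + ", ".join(refused) +
                "; traffic appears to reach the host, check the service there")
    return "all services reachable"

if __name__ == "__main__":
    target = "10.0.0.10"  # constructed LAN host address, replace with your own
    results = {name: probe(target, port) for name, port in SERVICES.items()}
    for name, state in results.items():
        print(f"{name:30} {state}")
    print(diagnose(results))
```
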
 
Also modify your DHCP scope to include your DNS server instead of WAN zone. All you need to do is what Stevewm said: go to the firewall rules and allow WLAN -> LAN and vice versa, and everything should work just fine.
 
I've had a chance to look over the posts and then my Sonicwall.

The rules won't let me create a new LAN to WLAN, it says that the new rule overlaps another. It must see that rule as both ways, possibly indicated with the up and down arrows in the rule itself.
Also, the DNS in the DHCP scope on both the 10 and 172 nets are set to inherit.

Any more ideas?
 
I ended up bridging the WLAN over to the LAN interface so that all wireless devices get a 10 net instead of the 172.

It's working now on the same subnet.
 