This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Where to put things

This is network diagram of from the datacenter

This is how my network has been functioning with the sonicwall

How do I get it to work with the XG? I can't plug the physical wan interfaces from R2 and MEDVPN into the XG - XG has to be in gateway mode with multiple vpn policies.

This thread was automatically locked due to age.

Parents

0 B.R.O. over 8 years ago

I know this doesnt make sense, perhaps i can decribe how i have to fix or configure something on the network would help...
Cancel
Vote Up 0 Vote Down

Cancel
0 lferrara over 8 years ago in reply to B.R.O.

BRO,

try to put the IP on the first network diagram where Sonicwall is in place. The other 2 diagrams does not help (too much confusion with physical ports).

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 B.R.O. over 8 years ago in reply to lferrara

Here is the Layout with private ip addresses

Here it is with public ip addresses
Cancel
Vote Up 0 Vote Down

Cancel
0 B.R.O. over 8 years ago in reply to B.R.O.

Maybe this would work. Instead of using the HA unit, I make it a transparent bridge like this...
Cancel
Vote Up 0 Vote Down

Cancel
0 lferrara over 8 years ago in reply to B.R.O.

BRO,

thanks for sharing your network diagrams. Can you put the subnet inside the Private network map?

I would recommend you to keep the HA and to keep XG in routing mode.

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 B.R.O. over 8 years ago in reply to lferrara

Here you go.
Cancel
Vote Up 0 Vote Down

Cancel
0 B.R.O. over 8 years ago in reply to B.R.O.

I put the internet connection to the MEDVPN. It need full ip allow all traffic to 6 cisco host end routers.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 B.R.O. over 8 years ago in reply to B.R.O.

I put the internet connection to the MEDVPN. It need full ip allow all traffic to 6 cisco host end routers.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 B.R.O. over 8 years ago in reply to B.R.O.

Here is one way I tried to configure the XG....

On my test unit I created a Bridge LAN bridging ports 1,4,5,6 to the LAN Zone

Static Routes for my lan for each vlan (actually entered 20 routes)

10.x.14.1/255.255.255.0 gateway: none interface= (LAN- Bridge)

10.x.15.1/255.255.255.0 gateway: none interface= (LAN- Bridge)

DHCP Relay for my DHCP Server to provide IPs address for the LAN-Bridge.

Port 7 - Public_Wifi (because of bridge lan a new interface is needed for public_wif to be separate from LAN Zone.

(looking at the R1 router there are permit acls stateless traffic allows like IPaccess-list 190 permit ip 10.x.x.0 0.0.1.255 10.x.x.64 0.0.0.63)

use putty client

access XG via SSH Port 22

Login

select #4 device console (now all lan traffic will be premitted and the nat subnets function)

set advanced-firewall bypass-stateful-firewall-config add source_network 10.X.X.0 source_netmask X.X.X.X dest_network 10.X.X.64 dest_netmask X.X.X.X

set advanced-firewall bypass-stateful-firewall-config add source_network 10.X.X.64 source_netmask X.X.X.X dest_network 10.x.x.0 dest_netmask X.X.X.X

Connect R1 to port 4 (Bridge LAN bridging ports 1,4,5,6 to the LAN Zone)

Connect R2 to port 5 (Bridge LAN bridging ports 1,4,5,6 to the LAN Zone)

Connect MEDVPN to port 6 (Bridge LAN bridging ports 1,4,5,6 to the LAN Zone)

All good except R2 and MEDVPN can't get out through the internet.
Cancel
Vote Up 0 Vote Down

Cancel
0 B.R.O. over 8 years ago in reply to B.R.O.

also static route for Datacenter Network gateway=HSRP Router, Interface=LAN Bridge
Cancel
Vote Up 0 Vote Down

Cancel