0

(eta salutation, which keeps getting eaten.)

Hi, all.

I see a bunch of related questions, so I'm hesitant to ask, but:

I have a situation where I have a Sonicwall NSA220 serving as firewall/router for two internal subnets to two external WAN connections. In some locations this is two separate ISPs. In others, it's the same ISP but with multiple circuits.

The problem is that one ISP has been unable to provide unique subnets for each WAN interface.

Is there any possibility that I might be able to bond the two WAN interfaces into a single virtual interface, and then use source-routing to get internal subnets communicating out the appropriate physical interface? Or even just use traffic-shaping to give each internal network appropriate shared bandwidth? I haven't found anything in the docs, but it seemed like it might be worth asking.

Thanks for any help! -Steve.

Ttamsen
  • 13
  • 1
  • 1
  • 3

3 Answers3

1

You may try the following setup:

Install a switch in front of SW and connect two ISP connections from the same subnet).

ISP link 1------
                |--switch---|--sonicwall--|----LAN
ISP link 2 -----

On SW, assign a WAN IP from the same subnet.

Is WAN Gateway same for both Links?

If there are two, you may be able to setup two outbound routes for each Link.

HopelessN00b
  • 53,385
  • 32
  • 133
  • 208
Cromwell
  • 26
  • 1
  • Thank you from the far future. :) I ended up moving to a release that offered explicit WAN aggregation, but in the cases where that's not available, this is a rather clever workaround. I've tucked it in the toolbox for the next time. – Ttamsen Dec 01 '16 at 19:17
0

If you have addidtional public IPs in the same subnet range: after assigning one public IP to the WAN interface, you can add additional public IPs by creating a WAN address objects under Network--> Address objects.

After that, you can bind that WAN address object with private IP on LAN using Access rules and NAT policies.

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=4535

Or, if you have a LAN range that needs to go to a specific WAN IP, Network--> Routing, and create a new rule:

  • Source: the LAN range
  • Dest: Any
  • service: Any
  • Gateway: WAN IP
Force Flow
  • 1,155
  • 5
  • 23
  • 45
  • Thanks, but that's not quite the problem. I have multiple WAN IPs on _separate_ interfaces. Since they're in the same subnet, one of the interfaces is not being brought up, with a "subnet already assigned to other interface" error. I was hoping I might be able to bond the two WAN interfaces somehow, although I see nothing in the docs that suggests it's possible. I'd be happy to be told I'm missing the blindingly obvious, though. – Ttamsen Apr 19 '12 at 16:11
  • Try searching the SonicOS administrator's manual for WAN link aggrigation. You might have to contact sonicwall support about this one, though. – Force Flow Apr 19 '12 at 17:42
-1

Make the second IP a virtual interface and have apply NAT r

ISP GATEWAY X.X.X.161/29 X0 - X.X.X.162 Virtual X.X.X.163

Sonicwall can create the rules using their wizard

Javier Guitterez
  • 1