Good Morning
I tried to review the threads for this issue, but it seems I could not find anything similar, OR I just missed it.
This might come across as a little confusing....
I am running a switch expansion project for a client; they currently have 2 MS-250s stacked as the Core. I am adding 2 new 250s as well as adding 225 stacks in each IDF closet, removing old Dell switches. The client has a PC and Mac network, with all elements of the network (Wi-Fi, servers, workstations) in their own VLANs. I am attempting to replicate the environment in my lab and have configured the transit network (172.16.1.0/24) on an unused interface on our SonicWALL. I have configured all the Layer 3 routing as it exists on the prod switches. But unless I am on the 172 network, I am unable to reach the internet. If I plug into, say, port 9 of the core and assign that port VLAN 1000, I connect. If I change it to, say, VLAN 3 (10.3.3.0/24), I do pull an IP address within that subnet; however, I am unable to traverse out.
I am ready to share the configs that I have so far, and am about ready to call into support, but I think there is just 1 stupid, little thing that I am missing and was hoping one of you geniuses might be able to assist.
The first image is the development in my lab (TJP-Core4); the other is Prod (TJP-CoreStack).
Your SonicWALL knows all the routes to all listed subnets in your screenshot?
Hmmm, I'm actually attempting to log into it now to see if that is the case. I mean, no it isn't, 'cause I sure didn't do that.
I'm assuming that I'll need to create those VLANs as subinterfaces?
No. You have to create static routes back to 172.16.1.5. For example, 10.3.3.0 255.255.255.0 is behind next hop 172.16.1.5.
(Or run a routing protocol like OSPF.)
Yes, you could also use subinterfaces and make a trunk between your SonicWALL and MS, but that's a different design.
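The return-path check described in the reply above, as an added example that is not part of the original thread: it runs a longest-prefix match over a firewall route list for each subnet routed by the L3 switch. The WAN gateway 203.0.113.1 and the second subnet 10.3.4.0/24 are constructed placeholders; 172.16.1.5, 172.16.1.0/24 and 10.3.3.0/24 come from the thread.

```python
import ipaddress

SWITCH_IP = "172.16.1.5"            # L3 switch address on the transit network (from the thread)
FIREWALL_ROUTES = [                 # (destination, next hop) as the firewall sees them
    ("0.0.0.0/0", "203.0.113.1"),   # constructed WAN default gateway
    ("172.16.1.0/24", "connected"), # transit network, directly attached
]
SWITCH_SUBNETS = ["10.3.3.0/24", "10.3.4.0/24"]  # second subnet is constructed


def best_route(routes, subnet):
    """Return the most specific (network, next_hop) covering the whole subnet, or None."""
    net = ipaddress.ip_network(subnet)
    covering = [(ipaddress.ip_network(dest), hop) for dest, hop in routes
                if net.subnet_of(ipaddress.ip_network(dest))]
    return max(covering, key=lambda m: m[0].prefixlen, default=None)


def audit_return_paths(routes, switch_subnets, switch_ip):
    """Report, per subnet behind the switch, whether replies are sent back to the switch."""
    report = {}
    for subnet in switch_subnets:
        match = best_route(routes, subnet)
        if match is None:
            report[subnet] = "no route, replies dropped"
        elif match[1] == switch_ip:
            report[subnet] = "ok"
        else:
            # Traffic leaves through the switch, but the reply follows a different path.
            report[subnet] = f"replies go to {match[1]} via {match[0]}"
    return report


if __name__ == "__main__":
    print("before:", audit_return_paths(FIREWALL_ROUTES, SWITCH_SUBNETS, SWITCH_IP))
    fixed = FIREWALL_ROUTES + [("10.3.3.0/24", SWITCH_IP)]
    print("after: ", audit_return_paths(fixed, SWITCH_SUBNETS, SWITCH_IP))
```

Any subnet not reported as `ok` is one whose clients can get a DHCP lease and send traffic out, while the replies never come back through the switch.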
I am writing this reply from VLAN3!!! You are correct, I needed to create the new Address Objects in the SonicWALL and then create the routes. The problem I am now facing is DNS. I have set VLAN3 to relay to 172.16.1.1 for the DHCP scope, and I do get an IP address; however, without entering 8.8.8.8 on my NIC, I am unable to resolve hosts....
What IP address do you get back for DNS? The SonicWALL?
Is DNS allowed on the zone where the 172.16.1.1 IP address is in?
Thanks for your reply!
I actually just figured it out: since the SW I am using is the office Prod FW, when I chose to use the current DNS settings on the SW, I ended up using DNS for the internal network here at the office.
I will be changing the scope options to use 8s or Comcast DNS.
Or use Umbrella/OpenDNS 😉
208.67.222.222 and 208.67.220.220