We are having meraki switches MS210 (x4) and a sonicwall NSA 2650 firewall which we will replace with MX100 in 2 months.
I have created 2 vlan(vlan1 , vlan10) interfaces in one of the switch and there is a native vlan interface(vlan1) in sonicwall.
meraki switch traffic is forwarded to sonicwall using static route.
In sonicwall i have added a static route to vlan10 network through meraki vlan1 interface.
Now!! i can ping all the hosts in each vlan from other vlan but couldn't access any device. only pinging is happening.
Am i missing anything!!!
If you can ping them then it sounds the routing is working. What are you trying to access. Does the client not has a firewall that is blocking traffic?
I can't access NAS or server from other VLAN and i have allowed all the services in firewall as well.
What does a traceroute show you.
can you ping other devices on the same network as your NAS and servers?
@DarrenOC sorry for the late reply, traceroute is passed with single hop.
And i can ping the devices from both the vlans, but the NAS and servers in other vlan are inaccessible.
What is routing between the two VLANs? The MS210 stack?
If so, are your hosts using the MS210s as their default gateway?
@PhilipDAth Sorry for the late reply! I have 3 VLANS Vlan (1,5,10). Native vlan 1 is created in sonicwall, Vlan 1,5&10 are in meraki and traffic(0.0.0.0/0) is forwarded to sonicwall. From sonicwall, Vlan 5&10 traffic are forwarded to vlan1 interface of meraki.
Hence for the hosts in vlan 5&10 meraki(MS210) interface is default gateway.
@mahi my guess is going to be an asymmetric routing issue. The NAS and servers wouldn’t happen to reside in VLAN1 would they? Client to server is going via the MS stack only, whereas the return traffic (defined by the NAS/server default gateway) is going via the Sonicwall, then back to the MS. All I can imagine is the Sonicwall is doing something ‘smart’ as it won’t be seeing the entire TCP three way handshake.
Is the default gateway on the NAS/server pointing at the MS or the Sonicwall? If it’s the Sonicwall try changing it to the MS.
@Bruce yes, the NAS and servers are reside in vlan1 and their default gateway is pointing towards sonicwall. I'll definitely try changing them to ms and update.