Re: [smartBridges] ??APPO OR WET 11 workign correct with SONICWALL

[Jack Berridge]

Yes, we have seen this also.  It caused us a lot of heartburn initially as well.  We finally figured out a solution that worked well (I don't know your network topology to know if this will also work for your situation).

What we had to do is this:

o  In the SonicWALL, select the "Advanced" tab (on the left hand side when logged in).

o  Once in the Advanced tab area, you will have tabs at the top.  Select "Intranet".

o  By default, the radio button "SonicWALL's WAN Link is directly connected to the Internet router" will be used.  We had to change this to the third radio button "Specified address ranges are attached to the WAN link".  Then we entered our /24 block (in our case).  For example (only), if his SonicWALL WAN IP address is 66.66.66.45 with gateway of 66.66.66.1 and subnet mask of 255.255.255.0 you would enter 66.66.66.0 with subnet mask of 255.255.255.0 as the address range directly connected. 

We believed that we should not have had to do this (our DNS and Mail Servers were not part of the same /24 block as the customers WAN IP Address).  But, we did it and it worked to allow the customer to reach our internal devices that they could not reach otherwise.  Worth a shot as your symptoms sound the same as ours.

Good luck!



Jack



At 07:05 AM 7/30/2003 -0700, you wrote:

Okay I have a customer who has a sonic wall router / firewall. with his own wet 11 surfs just fine but will not get to any of my domains on my subnet except will ping and allow pass-through to my t-1 router? I can hook up my laptop direct to the radio and it goes to my servers and domains just fine.
 
I thought okay cheap wet 11 well I swap it for a APPO same thing it seems that when you do a arp - a lookup with the appo it shows the mac address of the sonic wall and I authenticate it and it does the same thing surfs fine on the internet just will not go to my subnet where my DNS and mail servers are located but other DNS and mail servers out on the net are accessible. Once again hook my laptop up direct and get to main domains and subnet just fine.
 
I do an arp -a on other ABO radios and what's strange never noticed it before but the mac of the radio shows up associated to the public routable IP instead of the customers computer or router with the exception of customers using APPO's.
 
Anyone ever work with SONIC wall I had the lan admin there and he says it is my network that is not passing back requests to their firewall but I think that is incorrect because if I bypass their SONIC wall and hooked direct to a pc with either the wet 11 or APPO and it goes to all domains.
 
MY layout
 
WET 11 or APPO associates to > APPO (AP) > switch > 5.7 canopy backhaul>switch to t-siemens router
 
HELP please any ideas we did a pack sniff and like he says we can see ping a request out but nothing answers back from any of my servers on my subnet with the exception of my t-1 router but pings go out fine to the net?