Friday, June 7, 2019

Possible Routing Issue

GM Reddit,

Hoping someone could give me some next-step ideas on an issue I am facing. I currently have a router/firewall-on-a-stick topology for my network. I have a WatchGuard M440 running the show. My network is pretty much all flat with about 5 VLANs. All VLANs plug into a port on the WatchGuard, and each port has its configured IP as the gateway for the network.

The gateway IPs configured on all the interfaces on the WatchGuard end in .254. No static routes on the WatchGuard or on any of the switches.

192.168.10.x
192.168.20.x
192.168.30.x
192.168.40.x
192.168.50.x

I have added a SonicWall to my network going out a different WAN connection. My plan is to move some of the networks off the WatchGuard and over to the SonicWall. I want to leave my infrastructure subnets (servers, network equipment) on the WatchGuard for now. Let's say server infrastructure is 192.168.10.x and network infrastructure is 192.168.20.x. I added interfaces on the SonicWall for the server infrastructure and network infrastructure networks, in the same subnets as on the WatchGuard.

SonicWall interface 1: 192.168.10.1
WatchGuard interface 1: 192.168.10.254
SonicWall interface 2: 192.168.20.1
WatchGuard interface 2: 192.168.20.254

The SonicWall is physically connected the same way: flat VLANs directly from the switch to the corresponding interfaces.

When I change my personal laptop's gateway from 192.168.20.254 to 192.168.20.1 (because I want to go out this specific WAN pipe, the SonicWall), I am no longer able to communicate with the server infrastructure subnet (192.168.10.x). I have internet connectivity, but I can't ping or RDP to any of my servers. Of course, if I add a second default gateway to my laptop pointing to the WatchGuard again, I can then communicate, but I'd like to get it working without this method.

The weird part is that my DNS settings point to the servers on the server subnet, and I can still resolve public domains on the internet. So it appears DNS is still working, but I can't ping, RDP to, or manage my servers.

Hopefully this is enough information to start a conversation. Thanks!
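As an added illustration (not part of the original post, and not a diagnosis of the poster's specific SonicWall or WatchGuard configuration), the following Python model reproduces the topology as the post describes it: both firewalls have an interface in the .10 and .20 VLANs, the laptop's gateway is the SonicWall .1 address, and the servers are assumed to still use the WatchGuard .254 address as their gateway. It traces the laptop-to-server path and the server-to-laptop path hop by hop, showing that the request leaves through the SonicWall while the reply comes back through the WatchGuard, then models each device as a generic stateful firewall to show where a one-sided flow lands. Host addresses and the /24 masks are constructed assumptions; only the .1 and .254 gateway addresses come from the post.

```python
import ipaddress

# Constructed model of the topology in the post. The .1 (SonicWall) and .254
# (WatchGuard) gateway addresses come from the post; the host addresses are
# made up, every VLAN is assumed to be a /24, and the servers are assumed to
# still use the WatchGuard .254 address as their gateway.
PREFIX = 24
ROUTERS = {
    "sonicwall": ["192.168.10.1", "192.168.20.1"],
    "watchguard": ["192.168.10.254", "192.168.20.254", "192.168.30.254",
                   "192.168.40.254", "192.168.50.254"],
}
HOSTS = {
    "laptop": {"ip": "192.168.20.77", "gw": "192.168.20.1"},    # re-pointed at the SonicWall
    "server": {"ip": "192.168.10.10", "gw": "192.168.10.254"},  # still on the WatchGuard
}


def subnet(ip):
    """The /24 an address belongs to (constructed assumption: all VLANs are /24)."""
    return ipaddress.ip_interface(f"{ip}/{PREFIX}").network


def router_owning(gw):
    """Name of the device that holds the gateway address gw."""
    for name, addrs in ROUTERS.items():
        if gw in addrs:
            return name
    raise ValueError(f"no router holds {gw}")


def router_has_link(router, ip):
    """True if the router has an interface in ip's VLAN and can deliver on-link."""
    return any(subnet(a) == subnet(ip) for a in ROUTERS[router])


def trace(src_name, dst_name, hosts=HOSTS):
    """Hop list from src to dst: on-link delivery, or via the source's gateway."""
    src, dst = hosts[src_name], hosts[dst_name]
    if subnet(src["ip"]) == subnet(dst["ip"]):
        return [src_name, dst_name]
    router = router_owning(src["gw"])
    if not router_has_link(router, dst["ip"]):
        # The post says there are no static routes anywhere, so a VLAN the
        # router is not directly connected to is unreachable in this model.
        raise ValueError(f"{router} has no interface in {subnet(dst['ip'])}")
    return [src_name, router, dst_name]


def transit_devices(src_name, dst_name, hosts=HOSTS):
    """The firewalls a packet crosses between src and dst (endpoints excluded)."""
    return set(trace(src_name, dst_name, hosts)[1:-1])


def path_symmetric(a, b, hosts=HOSTS):
    """Do the request and the reply cross the same set of devices?"""
    return transit_devices(a, b, hosts) == transit_devices(b, a, hosts)


def stateful_flow_check(client, server, hosts=HOSTS):
    """Model each transit device as a generic stateful firewall: it records a
    flow when it forwards the first packet and accepts the reply only if that
    flow is in its table. This shows where an asymmetric return path lands; it
    does not model the real rule sets of either product."""
    table = {name: set() for name in ROUTERS}
    flow = (client, server)
    for dev in transit_devices(client, server, hosts):
        table[dev].add(flow)                  # request direction creates state
    for dev in transit_devices(server, client, hosts):
        if flow not in table[dev]:
            return f"reply dropped at {dev}: no state for {flow}"
    return "reply accepted"


def with_gateway(host_name, gw, hosts=HOSTS):
    """Copy of hosts with one host's gateway changed (the poster's workaround)."""
    new = {k: dict(v) for k, v in hosts.items()}
    new[host_name]["gw"] = gw
    return new


if __name__ == "__main__":
    print("request:", trace("laptop", "server"))
    print("reply:  ", trace("server", "laptop"))
    print("symmetric:", path_symmetric("laptop", "server"))
    print(stateful_flow_check("laptop", "server"))
    back = with_gateway("laptop", "192.168.20.254")
    print("laptop gateway back on the WatchGuard:", stateful_flow_check("laptop", "server", back))
```

Running it prints the two hop lists (laptop, sonicwall, server versus server, watchguard, laptop), reports the path as asymmetric, and shows that the modelled stateful device on the return leg never saw the request. Changing the laptop's gateway back to .254 makes both legs cross the WatchGuard and the model accepts the reply, which matches the poster's observation that a second gateway toward the WatchGuard restores connectivity. The same model can be extended to the other VLANs by adding hosts in 192.168.30.x through 192.168.50.x, where `trace` will raise because the SonicWall has no interface there and neither device has static routes.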
