When I change the subnet for the LAN interface on a Sonicwall firewall the WAN interfaces go haywire. What should I do?

6,331

Since you have two WANs in place, under the Network section, check NAT Policies and Routing. I'm guessing that the subnets might be specified there for routing specific traffic to and from the LANs and WANs.

Share:
6,331

Related videos on Youtube

wan_han
Author by

wan_han

Updated on September 18, 2022

Comments

  • wan_han
    wan_han almost 2 years

    Our company's old subnet was 255.255.255.0. To adjust for growth we decided to implement a 255.255.248 subnet.

    Upon changing this in our Sonicwall's LAN interface, our WAN connections quit working normally. We have 2 WAN connections, one used for outgoing traffic and the other for incoming traffic. The second is also setup as the failover for the first.

    Pinging anything whether inside or outside the network would return handfuls of packets and then deny everything for minutes before returning another handful of packets.

    I don't know that it's the WAN ports that were at fault, but they are what show up in the error log.

    For example:

    Category            Message                                     Source              Destination
    WAN Availability    Probing succeeded on NAT Static IP          x.x.x.x, 0, X2      4.2.2.1, 53, X2, a.resolvers.level3.net
    WAN Availability    WLB Resource failed                         x.x.x.x, 0, X2  
    WAN Availability    WLB Failover in progress                    x.x.x.x, 0, X2      y.y.y.y, 0, X1
    WAN Availability    The network connection in use is NAT Static IP  y.y.y.y, 0, X1  
    WAN Availability    Probing succeeded on NAT Static IP          y.y.y.y, 0, X1      4.2.2.2, 53, X1, b.resolvers.Level3.net
    WAN Availability    Probing succeeded on NAT Static IP          y.y.y.y, 0, X1      4.2.2.1, 0, X1, a.resolvers.level3.net
    WAN Availability    WLB Resource failed                         y.y.y.y, 0, X1  
    WAN Availability    Probing failure on NAT Static IP            y.y.y.y, 0, X1      4.2.2.2, 53, X1, b.resolvers.Level3.net
    WAN Availability    Probing failure on NAT Static IP            y.y.y.y, 0, X1      4.2.2.1, 0, X1, a.resolvers.level3.net
    WAN Availability    WLB Resource is now available               y.y.y.y, 0, X1  
    WAN Availability    Probing failure on NAT Static IP            x.x.x.x, 0, X2      4.2.2.1, 53, X2, a.resolvers.level3.net
    WAN Availability    Probing failure on NAT Static IP            x.x.x.x, 0, X2      4.2.2.2, 0, X2, b.resolvers.Level3.net
    WAN Availability    WLB Resource is now available               x.x.x.x, 0, X2  
    WAN Availability    WLB Failback initiated by preemption due to a more preferred interface being operational    y.y.y.y, 0, X1  x.x.x.x, 0, X2
    
    

    This all happened in the course of about 20 seconds, and would repeat itself.

    We were told it was a cabling issue when talking with Sonicwall Support, but can't find where we might have double up any of the cabling. I also wonder why we wouldn't have the same problem on the 255.255.255.0 subnet.

    If there was a NIC with two IPs in the same subnet somewhere would that cause what we're seeing?

    Help?

    • wan_han
      wan_han almost 12 years
      Yes, they were as confused as we were when everything went haywire. It works fine when we go back to /24. Will try /23 and see.
    • wan_han
      wan_han almost 11 years
      So it turns out there was a Cisco device causing a network storm. Upon reconfiguring the device the change to the subnet worked flawlessly.
    • Spiff
      Spiff almost 11 years
      Thanks for the followup Jason. On SuperUser, when you solve your own problem, it works best if you put your own solution as an Answer and then accept (click the check mark next to) your own Answer. That way it doesn't show up as an open question anymore.