New Member
•
2 Messages
Replacement SMC D3G-CCR, Sonicwall NSA240 and ip pool not working - It was before
Current info:
IP Pool: x.x.x.57 /29
SMC D3G-CCR suposedly in "Bridge Mode"
Sonicwall NSA-240 connected to SMC via X2, static IP set to x.x.x.57, gateway is x.x.x.62 etc etc etc...
Yesterday we had a hardware failure with our existing SMC modem. Tech replaced it today and now none of my static ip's are passing through to the Sonicwall. I can reach the sonicwall via x.x.x.57. The static IP's x.x.x58, 59, 60 are assigned by the sonicwall to various servers. x.x.x.61 is as yet unused. 6 hours in with two techs and the call center I still cannot reach anything beyond x.x.x.57 Tech support and their managers are saying everything is "right" in the SMC and it has to be on my end, This is BS. Nothing has changed on my end, only the replacement of the modem. What do I need to tell the support rep to do in the modem to allow the pass through of my static IP's through to the Sonicwall once more.
Thanks,
Matt
VBSSP-RICH
Advocate
•
1.4K Messages
10 years ago
Hello Olyonline and welcome,
I recommend that you first check your modem via logging into 10.1.10.1 and making sure that in Gateway Summary. Cable Modem or Network options shows that your correct staticIP Gateway address x.x.x.62 is shown, with the correct subnet mask 255.255.255.248. Any Comcast technical agent can log into your SMC and check the WAN interface to be configured with the correct StaticIP Gateway Address and subnet mask. Next, check your SonicWall WAN interface to make sure it contains all the x.x.x.57 routable, x.x.x62 gateway, and 255.255.255.248 subnet mask correct staticIP parameters within its network interface. .....it is always good networking practice to also include the 75.75.75.75 and 75.75.76.76 DNSs. If this is all good
then jump onto the internet and from a computer on the internet and ping both the x.x.x.62 and x.x.x.57 devices, SMC and SomicWall, respectively. If all this work fine, then let's address your SMC required configuratiion for your internetworking requirements..... In order for your Static IP routing to work correctly, your cannot use "True Bridge Mode" because this mode disables all routing including the staticIP. So, if you are using your SonicWall inherent DHCP Server/router for your internal intra-network security, you only need to have the SMC internal LAN DHCP disabled. This is sometimes referred to as "Psuedo-Bridge Mode", and this will avoid any DHCP conflicts with your SonicWall DHCP Server. If you need more corroboration on this please see this post by GregW, who so eloquently runs through step by step instruction.
Hope this helps you out.
0
Olyonline
New Member
•
2 Messages
10 years ago
Thank you for your reply, I have gone through and verified that everything is connected and programmed. All appears to be as it should be, well because nothing really has changed. While in the gateway, under Gateway Summary>Network, down at the bottom there is a button marked "connected devices" I click this and it shows all of my assigned/in use statics as connected via the mac of the sonicwall, as it should be since the sonicwall is routing the traffic. Is there port blocking on the wan side of the gateway that I cannot access? This seems to be the only explanation as everything else seems to be mapped out correctly.
Thanks,
Matt
0
0
VBSSP-RICH
Advocate
•
1.4K Messages
10 years ago
There is no port blocking on the WAN segment of the Comcast Gateways.
All of your static IP devices should be directly plugged into the 4 ports of the Comcast Gateway (CG) in order for your Gateway address X.X.X.62 to be able to correctly perform the routing and you can use a tiny switch if you do not have enough CG LanPorts because your Static Gateway address will support up to 5 routable devices.
If you need any of your static IP devices to have outside access, then you must log into CG, go to FW, uncheck the disable all Static IP Port management Gateway, then click on the Port Configuration Tab, in here click on the True Static IP Port Management link, make sure the mode is set to "Block all ports with the following excepetiions". This is the most secure means by which to ONLY open routable staticIP (.57, .58, .59, .60, .61) device ports for any application running on same.
Let us know how you make out from here.....
0
0