Sonicwall routing between multiple subnets on multiple interfaces

Tags: networking, routing, sonicwall, subnet

As shown by the network diagram below, I have two completely separate networks. One is being managed by a Sonicwall NSA 220, the other by some other router (the brand is not important). My goal is to allow devices within the 192.168.2.0/24 network to access devices in the 192.168.3.0/24 network. Allowing the reverse (192.168.3.0/24 -> 192.168.2.0/24) is not required.

So far, I have done the following: I connected the X3 Interface on the Sonicwall to the 192.168.3.0/24 network switch (shown as the dashed red line in the diagram). Next, I gave it a static IP address of 192.168.3.254 and set the Zone to LAN (the same Zone for the X0 interface). Judging by various articles and KBs I've read, this is all that should be necessary, although it does not work.

I can ping 192.168.3.254 from any device in the 192.168.2.0/24 network, although I cannot ping/connect to any device within the 192.168.3.0/24 network.

Any help would be greatly appreciated!

Network Diagram:
[Image: Network Map]

(I asked a similar, yet more complicated, question earlier; although, I realized that I cannot solve that without first solving this (which may actually solve my original question))

Best Answer

Devices in 192.168.3.0 need to know that they can reach devices in 192.168.2.0 via 192.168.3.254. The way they'll know that is to create a route on "Another Router" for 192.168.2.0 via 192.168.3.254.

EDIT

When you ping or connect to a device in 192.168.3.0 the return traffic has to have a path back to the device in 192.168.2.0 that originated the traffic. That path needs to go through 192.168.3.254. By default all non-local traffic in 192.168.3.0 will be forwarded to "Another Router" since it's the default gateway for hosts in the 192.168.3.0 network. Once you have the route configured in "Another Router" you need to create a firewall rule on the Sonicwall that blocks traffic originating in 192.168.3.0 from accessing 192.168.2.0. When traffic originates from 192.168.2.0 the return traffic will be allowed through the firewall since it originated in 192.168.2.0.
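The return-path and one-way firewall behaviour described in this answer, modelled as an added example that is not part of the original answer or any Sonicwall configuration. The address of "Another Router" (192.168.3.1), the upstream gateway (203.0.113.1) and the host addresses are assumptions, and sessions are tracked by IP pair only, without ports.

```python
import ipaddress as ip

LAN2 = ip.ip_network("192.168.2.0/24")
LAN3 = ip.ip_network("192.168.3.0/24")
DEFAULT = ip.ip_network("0.0.0.0/0")
SONICWALL_X3 = "192.168.3.254"   # from the question
OTHER_ROUTER = "192.168.3.1"     # assumed address of "Another Router"
WAN_GW = "203.0.113.1"           # assumed upstream gateway of "Another Router"

# "Another Router" routing table before and after adding the static route.
ROUTES_BEFORE = [(LAN3, "direct"), (DEFAULT, WAN_GW)]
ROUTES_AFTER = ROUTES_BEFORE + [(LAN2, SONICWALL_X3)]

def next_hop(table, dst):
    """Longest-prefix match over (network, next_hop) entries."""
    addr = ip.ip_address(dst)
    matches = [(net, hop) for net, hop in table if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def reply_path(router_table, lan3_host, dst):
    """Hops a reply takes from a 192.168.3.0/24 host back towards dst."""
    # Hosts in 192.168.3.0/24 use "Another Router" as their default gateway.
    host_table = [(LAN3, "direct"), (DEFAULT, OTHER_ROUTER)]
    hop = next_hop(host_table, dst)
    if hop == "direct":
        return [lan3_host, dst]
    return [lan3_host, hop, next_hop(router_table, dst)]

class StatefulFirewall:
    """Sonicwall policy: 2.0 -> 3.0 allowed, new 3.0 -> 2.0 traffic blocked."""
    def __init__(self):
        self.sessions = set()

    def permit(self, src, dst):
        if (dst, src) in self.sessions:      # reply to a tracked session
            return True
        if ip.ip_address(src) in LAN2 and ip.ip_address(dst) in LAN3:
            self.sessions.add((src, dst))    # remember who originated it
            return True
        return False

if __name__ == "__main__":
    print("before:", reply_path(ROUTES_BEFORE, "192.168.3.50", "192.168.2.10"))
    print("after: ", reply_path(ROUTES_AFTER, "192.168.3.50", "192.168.2.10"))
    fw = StatefulFirewall()
    print("3.50 -> 2.10 (new):  ", fw.permit("192.168.3.50", "192.168.2.10"))
    print("2.10 -> 3.50 (new):  ", fw.permit("192.168.2.10", "192.168.3.50"))
    print("3.50 -> 2.10 (reply):", fw.permit("192.168.3.50", "192.168.2.10"))
```

Without the static route the reply leaves through the upstream gateway and never reaches 192.168.3.254, which matches the symptom in the question: the Sonicwall's own X3 address answers pings, but hosts behind it do not.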