Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3898
Views
10
Helpful
18
Replies

Cisco C3650 OSPF with Sonicwall Firewall

Go to solution
ChrisLuberto
Level 1
Level 1

‎02-15-2018 08:47 PM - edited ‎03-08-2019 01:52 PM

I'm in the process of replacing a Sonicwall 2400 with a Sonicwall 2650.  The configuration easily copies over however, when I plug the LAN port (192.168.50.1) of the Sonicwall into the same Cisco interface that the old firewall plugged into,  traffic is not routed to Sonicwalll.  

 

OSPF populates the routes on the new fire wall, I've cleared the ARP table on the layer 3 switch (the MAC address for the new firewall is correct), and 'show ip ospf neighbor' shows the new firewall as a neighbor.  The 'Gateway of last resort' changes to a secondary internet connection when it should remain the same.

 

When I plug the old firewall back in, the 'gateway of last resort' changes back to the primary (192.168.50.1) and traffic routes through the firewall as it should.  The configuration on the firewalls are identical.  Sonicwall tech support was not able to provide a solution.  What am I missing on the Cisco switch side? 

Labels:
0 Helpful
18 Replies 18

Go to solution
ChrisLuberto
Level 1
Level 1
In response to Rafael Carvallo

‎02-17-2018 10:38 AM

Great point.  I am using the FWs default WAN interface, X1.  The zone is also applied correctly.  I'm contacting Sonicwall via an existing ticket to see if they can shed light on way the WAN interface is showing as DOWN when it is actually UP.

 

I'll update you when I have more information.

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to ChrisLuberto

‎02-20-2018 08:54 AM

Chris

 

Please do update us as you make progress with this issue.

 

HTH

 

Rick

HTH

Rick
0 Helpful

Go to solution
ChrisLuberto
Level 1
Level 1
In response to Rafael Carvallo

‎02-20-2018 10:31 AM

Solution:  The Sonicwall NSA 2650 is configured for OSPF on X0.  The settings for OSPF (Network > Routing> *Gear Icon*) was set to "When WAN is up" under 'Originate Default Route'.  The NSA 2650 has a known issue that X0 was not broadcasting to OSPF to the router because it never saw the WAN as "up".  Sonicwall provided a hotfix and it is now working correctly.

 

Workaround before hotfix: I set 'Originate Default Route' to "Always"

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to ChrisLuberto

‎02-20-2018 11:23 AM

Chris

 

This has been a long and interesting discussion. Thanks for updating us and letting us know that it is now solved and that the issue was something on the Sonicwall. Glad that you now do have things operating as expected.

 

HTH

 

Rick

HTH

Rick
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card