Monday, August 26, 2013

Sonicwall NSA: When Your Upstream Provider Gives You Two (or multiple) Subnets

In this example our upstream provider (ISP) gives us 173.240.220.3/24 on the WAN side, but let’s say we need more public IP addresses, so they also give us 173.240.230.1/24. Because the WAN interface is defined as 173.240.220.3/24, we cannot simply create a NAT policy for an address in the second subnet: it lies outside the first subnet’s broadcast domain, and the SonicWALL does not know 173.240.230.1/24 exists. This is actually really easy to get working, but the documentation I found on it was for older SonicOS versions. I am using the SonicWALL NSA220W demo portal available here.

Under Network -> Interfaces you can see our primary WAN subnet as the X1 interface:



First we need to make an Address Object for the second subnet. Browse to Network -> Address Objects. Under Address Objects click Add… I named mine X1 Second Subnet; it belongs to the WAN zone and is a range of IP addresses covering the second subnet, like so:



Now we need to create a route so the SonicWALL knows the second subnet is directly reachable on the primary WAN interface (X1). Browse to Network -> Routing. Under Route Policies click Add… Source: Any, Destination: the new Address Object, X1 Second Subnet, Service: Any, Gateway: 0.0.0.0, Interface: X1, Metric: 10. A gateway of 0.0.0.0 marks the destination as on-link, so the firewall treats those addresses as local to X1 instead of forwarding them to the ISP’s default gateway. Like so:



Now, for any NAT policies, all you have to do is select an IP in X1 Second Subnet as the original destination to be translated to a LAN IP, and the SonicWALL will know to route it (and answer for it) through X1.
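The failure mode this post fixes is a NAT policy whose public IP the firewall has no interface subnet or on-link route for. The following is an added example, not SonicOS code or the author's configuration: it models the post's objects (the X1 interface, the X1 Second Subnet range, the gateway-0.0.0.0 route) and audits a set of NAT policies for exactly that gap. The address-object range bounds, the LAN IPs and the 173.240.240.5 contrast entry are constructed values, not from the post.

```python
"""Audit a multi-subnet WAN design of the kind described in the post.
Hypothetical checker (not SonicOS code): for each NAT policy's public IP,
decide which interface the firewall will actually answer on, or None if
neither an interface subnet nor an on-link (gateway 0.0.0.0) route covers it."""
import ipaddress

# Constructed configuration mirroring the post; range bounds are assumed.
INTERFACES = {"X1": ipaddress.ip_interface("173.240.220.3/24")}
ADDRESS_OBJECTS = {
    "X1 Second Subnet": (ipaddress.ip_address("173.240.230.1"),
                         ipaddress.ip_address("173.240.230.254")),
}
ROUTES = [  # Route Policies: destination object, gateway, interface, metric
    {"dest": "X1 Second Subnet", "gateway": "0.0.0.0", "iface": "X1", "metric": 10},
]
NAT_POLICIES = [  # original destination (public IP) -> translated LAN IP (constructed)
    {"public": "173.240.220.10", "lan": "192.168.168.10"},  # in X1's own subnet
    {"public": "173.240.230.25", "lan": "192.168.168.25"},  # covered by the new route
    {"public": "173.240.240.5",  "lan": "192.168.168.5"},   # no object, no route
]

def in_object(ip, obj_name):
    """True if `ip` falls inside the named range address object."""
    lo, hi = ADDRESS_OBJECTS[obj_name]
    return lo <= ip <= hi

def owning_interface(public_ip, interfaces=INTERFACES, routes=ROUTES):
    """Interface the firewall treats `public_ip` as local to, else None."""
    ip = ipaddress.ip_address(public_ip)
    for name, iface in interfaces.items():        # directly configured subnet
        if ip in iface.network:
            return name
    for r in routes:                              # on-link static route
        if r["gateway"] == "0.0.0.0" and in_object(ip, r["dest"]):
            return r["iface"]
    return None                                   # would go to the default gateway

def audit(nat_policies=NAT_POLICIES):
    """Map each NAT policy's public IP to its owning interface (None = never hit)."""
    return {p["public"]: owning_interface(p["public"]) for p in nat_policies}

if __name__ == "__main__":
    for public, iface in audit().items():
        status = f"answered on {iface}" if iface else "NO ROUTE: NAT policy will never match"
        print(f"{public}: {status}")
```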