Troubleshooting TZ 180 Configuration and Settings Issues
25
SonicWALL TZ 180 Recommends Guide
Internet Connectivity Troubleshooting
Symptom: I Do Not Have Internet Access from Behind the TZ 180
Verify the WAN Interface on the Appliance Is Connected Properly to the Security Appliance Providing Internet
Access
Verify the
Status
section of the
System > Settings
page to see if the link is down or has a duplex. It is
recommended that the speed and duplex be locked on both sides of the connection to prevent
auto-negotiation problems.
Verify that the WAN Interface is Set to the Correct Mode
Contact your ISP to determine if your public Internet connection is set for Static IP, DHCP, PPPoE, L2TP,
or PPTP. If the connection is Static IP, the ISP needs to provide you with one or more public IP addresses,
a netmask, a gateway IP, and one or more DNS server address for the TZ 180 to successfully connect to the
Internet.
Determine if the Security Appliance Is Upstream of the TZ 180 Already Performing NAT
Contact your ISP to determine how their equipment functions. It may be that the ISP security appliance is
already acting as a Firewall/NAT security appliance, and should be re-configured to allow the SonicWALL
security appliance to connect to the Internet. This is an increasingly common issue as ISPs provide xDSL
and cable modem equipment with ‘all in one’ functionality. You may need to purchase a generic xDSL or
cable modem and swap out the ISP equipment if it cannot be configured to allow the SonicWALL security
appliance to work properly.
Verify if the WAN MTU is Set Correctly for Your Type of Connection
You may need to change the WAN MTU setting, found on the
WAN interface Ethernet
tab, to a value
appropriate to your type of connection. For example, set it to 1492 for DHCP connections, and 1404 for
PPPoE connections.
Verify that the TZ 180 Can Contact the Upstream Gateway
Use the tools found on the
System > Diagnostics
page to determine if the connectivity problem is between
the TZ 180 and the upstream gateway, or farther upstream. It may not be an issue with the TZ 180, but with
the ISP itself.
Verify that the Firewall and NAT Rules Are Configured Properly
Firewall rules can get changed or deleted inadvertently. Verify that the resources on the LAN and OPT
interfaces have a rule allowing them to access the WAN. If there are resources on the OPT interface that
have a unique public IP address, check the NAT rules.
Symptom: Users on the WAN Cannot Get to Servers on the OPT or LAN Interfaces,
but the NAT/Firewall Rules Look Fine
Your ISP may be blocking specific inbound ports, which is an increasingly common problem. Contact your
ISP. You may need to upgrade or replace your service to allow full connectivity.