Routing from LAN/Sonicwall to Comcast DHCP Client
- 
 @jasgot said in Routing from LAN/Sonicwall to Comcast DHCP Client: 192.168.1.x TO 10.1.10.44 does not work. The sonicwall claims the 10.1.10.x subnet is on the WAN port and reachable through 96.x.x.x (Cablem Modem's Public IP). Of course the SonicWall thinks that, it's not directly aware of any other path to a 10.x.x.x network, so it must go to the default route. All I can guess is the cable modem is not turning the traffic around and putting it back on it's 10.1.10.x lan subnet. Yeah, this doesn't surprise me. It's generally not used the way you are using it. I've never seen anyone intentionally use a cable connected box to assign DHCP addresses for a client, while also statically assigning addresses to others. 
- 
 @jasgot said in Routing from LAN/Sonicwall to Comcast DHCP Client: @jaredbusch said in Routing from LAN/Sonicwall to Comcast DHCP Client: @jasgot said in Routing from LAN/Sonicwall to Comcast DHCP Client: All I can guess is the cable modem is not turning the traffic around and putting it back on it's 10.1.10.x lan subnet. This would not be a modem if it could. It would be a router. So I added a static route to the Comcast Cable Modem. So now it is a router. 
 Still no joy.
  While this seems correct, it might not work as you expect. You might only be able to create static routes on the IP range that's inside the DHCP pool. Again, I'm sure the box isn't meant to be used as you are using it. Can you assign a static IP to the webserver? 
- 
 @notverypunny said in Routing from LAN/Sonicwall to Comcast DHCP Client: Have you got the appropriate rules in place to allow WAN > LAN as well as the NAT rules on the Comcast CPE? Can you get to the webserver from another connection? Keep in mind that since you're using the public IP it's got to be configured and managed as an independent, internet-facing service. Are all 3 devices (the 2 SW and the Comcast CPE) on the same connection and the IPs part of the same subnet or are we dealing with multiple discrete ISP lines? There's lots of room for incorrect assumptions to be made with the info you've provided. If possible, I'd put everything on one device, preferably the strongest of the 2 SW units and manage everything that way. This point brings up a good point. Assuming the CPE can't route, you'd need to reach out to the Public IP that's in front of the DHCP range the CPE is providing. Then make sure sure the CPE is able to trombone route and that the correct port redirections are in place on the CPE to get traffic through the CPE's NAT to the DHCP webserver client. As @notverypunny asked - can you reach the webserver from something outside of your network? 
- 
 @dashrender said in Routing from LAN/Sonicwall to Comcast DHCP Client: As @notverypunny asked - can you reach the webserver from something outside of your network? No. That's verboten. 
- 
 I'm going to contact the web server people and ask if we can move it to our LAN subnet. 
- 
 @jasgot said in Routing from LAN/Sonicwall to Comcast DHCP Client: @dashrender said in Routing from LAN/Sonicwall to Comcast DHCP Client: As @notverypunny asked - can you reach the webserver from something outside of your network? No. That's verboten. then I'm confused - why it is attached in the manner it is? Who's supposed to access the webserver? 
- 
 @dashrender said in Routing from LAN/Sonicwall to Comcast DHCP Client: then I'm confused - why it is attached in the manner it is? Who's supposed to access the webserver? People on the sonicwall LAN. 
- 
 @dashrender said in Routing from LAN/Sonicwall to Comcast DHCP Client: But since it's not, try adding a virtual adapter on the WAN interface of the SonicWall and assigning it IP 10.x.x.x in the same range as the web server. Now the web server won't know how to get back, so you'll need a route entry on the webserver as well. This was the closest to the way we went. 
 I used an available physical port on the Sonicwall, assigned it a static IP (10.1.10.253) on the Comcast Cable Modem internal LAN subnet.I then added a static route on the Sonicwall to find the Comcast LAN and I added a route on the Cable modem to find the Sonicwall LAN. It works just as we want. Thanks for all the comments, it helped lead us to a solution to handle this non standard configuration. 
- 
 @jasgot said in Routing from LAN/Sonicwall to Comcast DHCP Client: @dashrender said in Routing from LAN/Sonicwall to Comcast DHCP Client: But since it's not, try adding a virtual adapter on the WAN interface of the SonicWall and assigning it IP 10.x.x.x in the same range as the web server. Now the web server won't know how to get back, so you'll need a route entry on the webserver as well. This was the closest to the way we went. 
 I used an available physical port on the Sonicwall, assigned it a static IP (10.1.10.253) on the Comcast Cable Modem internal LAN subnet.I then added a static route on the Sonicwall to find the Comcast LAN and I added a route on the Cable modem to find the Sonicwall LAN. It works just as we want. Thanks for all the comments, it helped lead us to a solution to handle this non standard configuration. Why go through all of these hoops when @jasgot said in Routing from LAN/Sonicwall to Comcast DHCP Client: @dashrender said in Routing from LAN/Sonicwall to Comcast DHCP Client: then I'm confused - why it is attached in the manner it is? Who's supposed to access the webserver? People on the sonicwall LAN. If those are the only people with access - why not just put it on that LAN? 
- 
 @dashrender said in Routing from LAN/Sonicwall to Comcast DHCP Client: If those are the only people with access - why not just put it on that LAN? Other equipment it talks to on another network; and we do not have access to that other equipment. 
- 
 @jasgot said in Routing from LAN/Sonicwall to Comcast DHCP Client: @dashrender said in Routing from LAN/Sonicwall to Comcast DHCP Client: If those are the only people with access - why not just put it on that LAN? Other equipment it talks to on another network; and we do not have access to that other equipment. Where is that network? how does the web server get to that network now? 
