Yes the 248 is correct giving you .209 through .214 usable with .215 as
the broadcast in that network. You have .209 as your gateway and .210 as
your SonicWall so .211 through .214 should be usable for inbound traffic.
It absolutely smells as if somewhere a mask is wrong. Only 1/2 of your
addresses are getting through to the Sonicwall.
- Larry "DrFranken" Bolhuis
On 3/10/2014 3:06 PM, Bob Cagle wrote:
This is the info I got from the ISP:
Public IP network is xx.xx.xx.208 mask 255.255.255.248
Gateway IP xx.xx.xx.209
Usable range xx.xx.xx.210 - .214
So I set the main interface of my Sonicwall to be .210 with a mask of 255.255.255.248. Maybe that's what's wrong? I need to read up on IP addressing schemes...
.211 is still the only IP getting through - and the ISP is still assuring me that everything is working fine on their end.
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of DrFranken
Sent: Sunday, March 9, 2014 10:29 PM
To: Midrange Systems Technical Discussion
Subject: Re: New public IP address not working
So the subnet mask is 255.255.255.248 then?
Their router is at x.x.x.209?
That being the case they might have a subnet mask wrong such as
255.255.255.252 for example. At least in THEORY the .211 address shouldn't work either as it would be the broadcast address but often that works IF you have the subnet mask correct at .248. Certainly in this case the .212, .213, and .214 addresses would NOT work.
- Larry "DrFranken" Bolhuis
On 3/9/2014 11:00 PM, Bob Cagle wrote:
Update: for those who asked, everything is IP based. I use Client Access to connect remotely, and yes, I did update the config with the new IP.
The ISP has confirmed the IP range and that no ports are being blocked on any of them.
Sonicwall confirmed my firewall config is correct, and that no TCP/UDP traffic is hitting the firewall on the IP assigned to the i5.
The IP range is .210 thru .214. The firewall is set to 210, the Windows server to .211, and the i5 to .212.
I could remote to the Windows server, but couldn't connect to the i5, even though I could ping it.
Since .212 wasn't working, I tried both .213 and .214 also. Neither of those would work either.
So I eventually switched the i5 to .211, since it was working for the server, and voila, access to the i5 works now.
In doing so, I switched the server to .212, and nope, can't connect.
Obviously there has gotta be a problem with the .212-.214 IP range! Just gotta convince the ISP.
Thanks for everyone's input.
-------- Original message --------
From: Bob Cagle
Date:03/08/2014 6:10 PM (GMT-06:00)
Subject: New public IP address not working
First off, I'm a one-man IT shop, and networking is NOT my specialty, AND my normal network consultant is busy dealing with another customer's emergency already - so I'm grasping at straws here:
My ISP just assigned me a block of new IP addresses with our latest upgrade, so I had to assign a new public IP for the System i.
Made the changes to the firewall, and thought all was well; all I had to do was change the public IPs from old to new - but now I'm unable to connect to the System i remotely.
You would think this would be a firewall issue, but I've poured over this Sonicwall and all the routing looks correct to me. I've even confirmed with the ISP that the IP is routed correctly on their end.
Is there any TCP setting on the i that would be related to a public IP
address? I've gone through the CFGTCP options and all I see is the
local IP and domain referenced. (I'm able to connect to my desktop
remotely via TeamViewer)
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take
a moment to review the archives at
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.