SpyderG

SonicWall outbound traffic through a specific WAN port

I have a client with a SonicWall TZ190 firewall running SonicOS Enhanced.  They are load balanced on two ISPs using the WAN port and the OPT port.  They have one application with a specific need to communicate over a set few UDP ports only on the WAN port.  Due to load balancing, the application is not able to control which port it takes to the Internet, so I hoped to be able to use NAT in the SonicWall to route traffic appropriately.  Unfortunately, when I create a rule to direct those ports out the WAN port, it breaks the application's ability to connect to the remote client.  See the code section for my configuration attempt.
Original Source: Any
Translated Source: Original
Original Destination: Any
Translated Destination: Original
Original Service: Service group containing UDP ports required
Translated Service: Original
Inbound Interface: LAN
Outbound Interface: WAN

Irwin W.

Why not set the rule in the workstation's routing table? Have you tried that?
SpyderG

ASKER

There are various workstations on the network that use the application and I am actually not sure how I would tell the workstation which WAN port to use on a downstream firewall.  What did you have in mind?
If this is a Windows workstation, you could add the route via the route add command at the command line.

Actually, don't create a rule; create a route in your SonicWall's routing table. See below...

Picture-1.png
SpyderG

ASKER

I believe route add will only allow for a route to the next hop, which would be the inside interface or LAN port.  The SonicWall then still needs to decide which port to use and may choose the OPT port based on load.  Adding a route in the SonicWall may be an option if I can't figure this out, but it would be kludgy to manage as I would need to add a route for each remote client.  Since the application uses a small group of UDP ports, I would prefer to do it that way if I can.  I don't see why it shouldn't work.
The route command should direct your traffic from the hosting server to the IP address specified, not to the WAN or OPT ports.
ASKER CERTIFIED SOLUTION
SpyderG