Solved

SonicWall Pro 100 Standard to NAT Mode

Posted on 2003-10-21
5
644 Views
Last Modified: 2011-10-03
Hello,

I am currently running a Sonicwall Pro 100 in Standard mode without utilizing the DMZ or NAT.  The only device connected to the WAN link is the router.  There are rules to access four servers that provide public access for FTP, Web services, etc. from the Internet. Everything else is denied by a default rule.  There is a fifth public server that provides DNS - we are our primary and our ISP is secondary.  DHCP is handled by an internal server not the Sonicwall and it leases fully-qualified IP addresses.

The network is a mixed mode with the servers being W2K and NT4.  The clients are W95, W98, W2K, WXPro, and various Macintoshes.  The printers are accessed via tcp-ip and there is no print server.

I would like to use the DMZ and NAT along with non-routable IP addresses for our non-public servers, workstations, and printers.

I would like DHCP (using non-routable IPs) to be handled by the internal server and not the Sonicwall; is this possible? Or, will this interfere with the ability to use NAT? What would you recommend?

Thank you,
Theresa






0
Comment
Question by:tjheroff
  • 2
  • 2
5 Comments
 

Expert Comment

by:utahdevildog
ID: 9596158
DHCP and NAT do not have to be used together.  The only time I would recommend using the SonicWALL DHCP option is if you also run a VPN.  You will obviously have to set your public servers inside the DMZ with static routes still set.
0
 

Author Comment

by:tjheroff
ID: 9598994
Hello utahdevildog,

I would like to use an internal server for DHCP using non-routable IP addresses not the Sonicwall.  

If I do not need to run DHCP and NAT together can I run the Sonicwall in Standard mode using the non-routable IP addresses?

Thank you,
Theresa
0
 

Expert Comment

by:utahdevildog
ID: 9603575
You are still going to want to use NAT.  The no-routable IP addresses need to be changed to routable public addresses.  NAT performes this function for you.
0
 
LVL 5

Accepted Solution

by:
jeffkearns earned 250 total points
ID: 9603980
Not only can it be done, it's how it SHOULD be done.

Move your public servers to the DMZ and hard-code their IP information. Make sure you put the IP range of the DMZ in the configuration pages of the SonicWALL.

Enable NAT on the LAN port, and give it a non-routable address like 192.168.1.1.

Change all the scopes on your DHCP server to reflect your new non-routable range(s). Make sure DHCP is not enabled on the SonicWALL. Renew the IP addresses of all the clients on your network.

Setup your access rules on the SonicWALL to allow the appropriate traffic between the WAN/DMZ/LAN ports.

Finally, to answer your follow-up question: No, you can't use non-routable addresses in standard mode.

Jeff
0
 

Author Comment

by:tjheroff
ID: 9605800
Hello Jeff,

Thank you for the clarification! Have a good day.

Thanks again, Theresa
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now