Solved

SonicWall Pro 100 Standard to NAT Mode

Posted on 2003-10-21
5
647 Views
Last Modified: 2011-10-03
Hello,

I am currently running a Sonicwall Pro 100 in Standard mode without utilizing the DMZ or NAT.  The only device connected to the WAN link is the router.  There are rules to access four servers that provide public access for FTP, Web services, etc. from the Internet. Everything else is denied by a default rule.  There is a fifth public server that provides DNS - we are our primary and our ISP is secondary.  DHCP is handled by an internal server not the Sonicwall and it leases fully-qualified IP addresses.

The network is a mixed mode with the servers being W2K and NT4.  The clients are W95, W98, W2K, WXPro, and various Macintoshes.  The printers are accessed via tcp-ip and there is no print server.

I would like to use the DMZ and NAT along with non-routable IP addresses for our non-public servers, workstations, and printers.

I would like DHCP (using non-routable IPs) to be handled by the internal server and not the Sonicwall; is this possible? Or, will this interfere with the ability to use NAT? What would you recommend?

Thank you,
Theresa






0
Comment
Question by:tjheroff
  • 2
  • 2
5 Comments
 

Expert Comment

by:utahdevildog
ID: 9596158
DHCP and NAT do not have to be used together.  The only time I would recommend using the SonicWALL DHCP option is if you also run a VPN.  You will obviously have to set your public servers inside the DMZ with static routes still set.
0
 

Author Comment

by:tjheroff
ID: 9598994
Hello utahdevildog,

I would like to use an internal server for DHCP using non-routable IP addresses not the Sonicwall.  

If I do not need to run DHCP and NAT together can I run the Sonicwall in Standard mode using the non-routable IP addresses?

Thank you,
Theresa
0
 

Expert Comment

by:utahdevildog
ID: 9603575
You are still going to want to use NAT.  The no-routable IP addresses need to be changed to routable public addresses.  NAT performes this function for you.
0
 
LVL 5

Accepted Solution

by:
jeffkearns earned 250 total points
ID: 9603980
Not only can it be done, it's how it SHOULD be done.

Move your public servers to the DMZ and hard-code their IP information. Make sure you put the IP range of the DMZ in the configuration pages of the SonicWALL.

Enable NAT on the LAN port, and give it a non-routable address like 192.168.1.1.

Change all the scopes on your DHCP server to reflect your new non-routable range(s). Make sure DHCP is not enabled on the SonicWALL. Renew the IP addresses of all the clients on your network.

Setup your access rules on the SonicWALL to allow the appropriate traffic between the WAN/DMZ/LAN ports.

Finally, to answer your follow-up question: No, you can't use non-routable addresses in standard mode.

Jeff
0
 

Author Comment

by:tjheroff
ID: 9605800
Hello Jeff,

Thank you for the clarification! Have a good day.

Thanks again, Theresa
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question