• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 974
  • Last Modified:

How do i configure the sonicwall 1260 to route HTTP traffic to multiple servers behind the firewall?

I am using a Sonicwall 1260 and have a single public IP address.  I would like to map this single IP address to multiple servers behind the firewall.  These servers use private IPs.  Each of them is a webserver that provides a different service.  (Website, MS CRM and TS Web Access) How do i configure the firewall to route properly?  If I edit the site bindings and use an alternate port...then how do i configure the 1260?  I don't see anything in the wizards.  Thank so much in advance.
0
BrockClayton666
Asked:
BrockClayton666
  • 4
  • 2
1 Solution
 
nasirshCommented:
Well what you can do is you can forward ports with your sonic to your servers. Assign each server a different port and it will forward it to your servers
0
 
BrockClayton666Author Commented:
Thanks Nasirsh!  Is the possible through the public access wizars?  How do i forward the ports?
0
 
VCBoothCommented:
you need to go into Firewall and Services and add custom services for your ports - ie if using port 80 then its already there are HTTP, however, if you had 81 then you create a new service (eg HTTP81 - TCP Port 81).  Once you have created these custom services then run the wizard for public access - upon doing this you can select the service and the SonicWALL will create it for you.  Point the public IP address and service to the private IP address and you're done.  Goodluck.
0
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

 
BrockClayton666Author Commented:
Thanks VCBOOTH!  

Ok...so i have created a new service and gone through the wizard and it looks as though everything is set up properly on the sonic wall.  When i attempt to hit the site however it is not working.  

Here is what I've done so far:

1.  Set up the service in the sonic wall to forward all traffic on port 5555 to my internal IP address of 10.10.1.XXX. (running IIS 7 on server 2008)
2.  In IIS manager i have edited the site bindings for the default website and added port "5555"  I am able to browse the site normally when i am physically logged into the server (http://localhost:5555 & 10.10.1.XXX:5555)  
3.  I am NOT able to access the site using 10.10.1.xxx:5555 unless i am logged into the server.  When trying to access the site from another computer logged into the domainn i get the page cannot be displayed error.  If i try 10.10.1.xxx i get right in.

What am i missing guys and girls?  
0
 
VCBoothCommented:
Can you access the site from the PUBLIC_IP:5555 that you have mapped using the firewall?

Can you ping 10.10.1.xxx from the firewall and other PC's?

Within IIS 7 check that it is definately mapped to the IP address 10.10.1.xxx

Are there multiple websites running on IIS 7?  If so, check they all map to individual IP addresses and/or have different ports.
0
 
BrockClayton666Author Commented:
VCBOOTH:  

I can't access the site from PUBLIC_IP:5555.

I can ping 10.10.1.XXX successfully from other computers on the domain.

Within IIS there is only one website and it is in fact configured with the 5555 binding.  Once again i am able to browse the site on the local machine.  I just can't get to it using the 5555 port from any where else.

:-(
0
 
BrockClayton666Author Commented:
the routing advise you gave me was spot on.  there was one additional issue though.  i needed to enable port 5555 on the server's firewall.

many thanks.

0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now