?
Solved

How do I make it so that computers inside our Sonicwall's LAN can access a computer connected to sonicwall's WAN port?

Posted on 2008-11-15
4
Medium Priority
?
216 Views
Last Modified: 2013-11-16
Hello,
Our Sonicwall is connected directly to our T1 IAD/Router which then goes to the T1 company's data center. They offer a service where you can create an "always on", no configuration VPN connection between 1 Router on the T1 network and another one as long as they both use the same T1 company. Before installing the Sonicwall at location 1, we had this configured so that at location 1 (the 10.0.1.1 network), you could access the files of the other location 2 (the 10.0.2.1 network). so at location 1, typing in 10.0.2.100 would pull up the server at location 2 because that was the ip of the server, and at location 2 you could type in 10.0.1.100 and pull up the sever at location 1. Now that the sonicwall is in place at location 1, the ips are all 192.168.168.###, and we cannot pull up 10.0.2.100. We understand that with the sonicwall, it is understandable to not be able to pull up the files from location 1 at location2 which is okay - but we want to be able to pull up the files of location 2 while at location 1 because we used to do our backups from location 1 to location 2 (for offsite backups) by just typing in 10.0.2.100 as the place to backup to. How can we setup so that traffic to location 2 from location 1 is allowed and not blocked.
0
Comment
Question by:jeffschick
  • 3
4 Comments
 
LVL 17

Expert Comment

by:ccomley
ID: 22983858
I'm not following your description, I'm afraid.

Is the "target" server that used to be accessed as 10.0.1.1) now *behind* a Sonicwall?

If so, then you need to set up a NAT rule which maps the "public" Ip address of that server (10.0.1.1) to the "private" address (192.168.168.<x>). And a Firewall rule permitting "inbound" (WAN to LAN) access to that destination from the other network.

The sonicwall isn't a "brick wall", it's a MASSIVLY configurable tool which lets you *define* what is and what is not allowed.


If I'm not correctly understanding you, then please try again - clarify your description with a diagram if you can, and also tell us what model Sonicwalls are in use and if they are Standard or Enhanced OS units.

For example, as I'm seeing your network


LAN1----192.168.168.0/24------Svr=192.168.168.x----ws----ws---ws---ws----
  |
Sonicwall <model><OS>
 |
WAN zone 1 ----- 10.0.1.0/24------
 |
Service provided router
 |
WAN Zone 1 ------10.0.2.0/24-----
 |
Sonicwall <model><OS>
 |
LAN two ----- etc----



0
 

Author Comment

by:jeffschick
ID: 22985042
The target server is 10.0.2.1, which is not behind the sonicwall. it is located at another location, but with our ISP they create an always on VPN between the two locations. We are trying to get from a computer inside the sonicwall network (192.168.168.150) to the server outside the sonicwall network  - 10.0.2.1
I appreciate your help in helping me fix this weird problem. Thanks!
0
 
LVL 17

Accepted Solution

by:
ccomley earned 2000 total points
ID: 22985738
If the 10.0.2.1 address is OUTside your (only) sonicwall, it ought to be regared just as a "normal" WAN address, unless the sonciwall has been explicitly told to block that address for some reason.  The address is a martian - it must not be used on the internet, only in a private network. But you ARE in a private network, and there are no default rules in the sonicwall which assume the WAN side of the sonicwall is connected directly to the internet. Unless who-ever installed the sonicwall has put such an anti-martian rule in for you not realising it will cause problems.

Do you get any entry in the Sonicwall log when you try to access the remote server?

0
 
LVL 17

Expert Comment

by:ccomley
ID: 22985754
I'm assuming, by the way, taht there is only ONE connection to your ISP, via which you reach both the internet and the far end of the supplied VPN tunnel, and that the Sonicwall is NOW between your LAn and this connection point. If that's not correct, pls show how it all fits together.

0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month13 days, 18 hours left to enroll

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question