How do I make it so that computers inside our Sonicwall's LAN can access a computer connected to sonicwall's WAN port?

Hello,
Our Sonicwall is connected directly to our T1 IAD/Router which then goes to the T1 company's data center. They offer a service where you can create an "always on", no configuration VPN connection between 1 Router on the T1 network and another one as long as they both use the same T1 company. Before installing the Sonicwall at location 1, we had this configured so that at location 1 (the 10.0.1.1 network), you could access the files of the other location 2 (the 10.0.2.1 network). so at location 1, typing in 10.0.2.100 would pull up the server at location 2 because that was the ip of the server, and at location 2 you could type in 10.0.1.100 and pull up the sever at location 1. Now that the sonicwall is in place at location 1, the ips are all 192.168.168.###, and we cannot pull up 10.0.2.100. We understand that with the sonicwall, it is understandable to not be able to pull up the files from location 1 at location2 which is okay - but we want to be able to pull up the files of location 2 while at location 1 because we used to do our backups from location 1 to location 2 (for offsite backups) by just typing in 10.0.2.100 as the place to backup to. How can we setup so that traffic to location 2 from location 1 is allowed and not blocked.
jeffschickAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ccomleyCommented:
I'm not following your description, I'm afraid.

Is the "target" server that used to be accessed as 10.0.1.1) now *behind* a Sonicwall?

If so, then you need to set up a NAT rule which maps the "public" Ip address of that server (10.0.1.1) to the "private" address (192.168.168.<x>). And a Firewall rule permitting "inbound" (WAN to LAN) access to that destination from the other network.

The sonicwall isn't a "brick wall", it's a MASSIVLY configurable tool which lets you *define* what is and what is not allowed.


If I'm not correctly understanding you, then please try again - clarify your description with a diagram if you can, and also tell us what model Sonicwalls are in use and if they are Standard or Enhanced OS units.

For example, as I'm seeing your network


LAN1----192.168.168.0/24------Svr=192.168.168.x----ws----ws---ws---ws----
  |
Sonicwall <model><OS>
 |
WAN zone 1 ----- 10.0.1.0/24------
 |
Service provided router
 |
WAN Zone 1 ------10.0.2.0/24-----
 |
Sonicwall <model><OS>
 |
LAN two ----- etc----



jeffschickAuthor Commented:
The target server is 10.0.2.1, which is not behind the sonicwall. it is located at another location, but with our ISP they create an always on VPN between the two locations. We are trying to get from a computer inside the sonicwall network (192.168.168.150) to the server outside the sonicwall network  - 10.0.2.1
I appreciate your help in helping me fix this weird problem. Thanks!
ccomleyCommented:
If the 10.0.2.1 address is OUTside your (only) sonicwall, it ought to be regared just as a "normal" WAN address, unless the sonciwall has been explicitly told to block that address for some reason.  The address is a martian - it must not be used on the internet, only in a private network. But you ARE in a private network, and there are no default rules in the sonicwall which assume the WAN side of the sonicwall is connected directly to the internet. Unless who-ever installed the sonicwall has put such an anti-martian rule in for you not realising it will cause problems.

Do you get any entry in the Sonicwall log when you try to access the remote server?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ccomleyCommented:
I'm assuming, by the way, taht there is only ONE connection to your ISP, via which you reach both the internet and the far end of the supplied VPN tunnel, and that the Sonicwall is NOW between your LAn and this connection point. If that's not correct, pls show how it all fits together.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.