Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Creating an Access Rule in SonicWall 2040 pro - Enhanced OS

Posted on 2009-02-09
Medium Priority
Last Modified: 2012-05-06
We are trying to open up port for our customer on their Sonicwall 2040.

They originally had port 25 opened to a group of IP ranges which works fine, i tried to duplicate this rule with our IP ranges but it didn't work (I created a new network object with our range and then added a access rule).

I then added our range to the group that they already had set up and this works fine.

However, we now need to open up another port (service) to our IP range so I'll need to create a new rule, however our connections are still being rejected.

Sorry for the vagueness, but do you have any ideas what I'm doing wrong?
Question by:WilliamIMS2
  • 3
  • 2

Author Comment

ID: 23588550
that should be with our* ranges not with out.
LVL 32

Accepted Solution

dpk_wal earned 1200 total points
ID: 23596889
For allowing inbound access that is exactly we do;
1. Create a Network Object with IP range/subnet/host/FQDN/MAC.
2. If needed create group address object.
3. Create a custom rule from WAN->LAN; specify services type [if not predefined then create one before hand], source as address object created above; destination as needed.

The only thing I think might be the problem is the order of the rule; the topmost rules has higher priority than the bottom most. On the firewall the rules are applied from top to bottom; and after the first rule match no other rules are looked at. There is a possibility that you have a less restrictive rule higher in the order; please move your rule up the order and this should solve the issue.

Please implement and update.

Thank you.
LVL 32

Expert Comment

ID: 23596907
You can change the priority ranking of an access rule by clicking the Arrows icon in the Priority
column. The Change Priority window is displayed. Enter the new priority number (1-10) in the
Priority field, and click OK. 1 being the highest priority.

Thank you.

Author Comment

ID: 23598630
Hi dpk,

This is exactly what we did.

1. We created a new network object with our IP range
2. Created a wan --> lan rule to allow access to port 25 from our network object
3. Moved the rule to the top of the list

Our connections are then immediately rejected.

I then changed the rule too allow access from 'any' and our connections were still immediately rejected.

However, adding our Network object to their already defined rule for port 25 allowed us access.

I now need to open up port 389 and we are having the same problem. I'm creating a rule that is identical to the one that works but the firewall immediately rejects our connections - I'm sure there is something simple that I am overlooking.

Thanks a lot for your help.
LVL 32

Expert Comment

ID: 23602625
Can post some sanitized logs which would indicate what is blocking the traffic; also have you configured NAT for the internal server.

Thank you.

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question