[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 642
  • Last Modified:

Need to kniow specifics on how to configure a sonicwall tz100 for two wan gateways.

I have  a tz100 that has x0, x1, and x2.
X0 is setup as the lan with a 10.x.x.x
x1 is setup as wan side
x2 I need to hook to a different isp.
I want my servers to use the x2 wan connection for internet and everything else to remain on the x1 for internet.
I was thinking I could setup two gateways the 10.x.x.x natted to the x1 wan side gives access to the computers.
Would I just put the ip address of the x2 side in the gateway box of my 2003 servers and then setup dns forwarders?
How does the sonicwall translate or nat to x2 since x1 is already natted to x0?
0
kallatech
Asked:
kallatech
  • 11
  • 8
1 Solution
 
kallatechAuthor Commented:
Or do I need to setup another lan port on the sonicwall?
0
 
Cas KristCommented:
DO you have SonicOS Standard or Enhanced?
0
 
Cas KristCommented:
No the default gateway of the servers remain the same, the LAN-ip of your Sonicwall. You will have to create NAT-policies for your servers.
0
Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

 
kallatechAuthor Commented:
Enhanced
So you are saying that I will have to create the nat policy through the sonicwall and direct the traffic out the x2 interface?
0
 
kallatechAuthor Commented:
How would I set one of those policies up?
0
 
Cas KristCommented:
Source: servers private (create a group of your server addresses)
Translated: secondary default gateway
Original destination: Any
Translated destination: original
original service: any
translated service: original
inbound interface: any
Outbound interface: X2

(or something like that, I am not able to check it right now, I hope someone can verify)
0
 
Cas KristCommented:
sry, I think Translated: 'secondary default gateway' should be 'X2 IP'
0
 
kallatechAuthor Commented:
Would I do something like
source > firewalled subnets
translated > x2 interface name
destination original > x2 interface name
translated> ip address of internal server on the lan
service> http or any
translated > original
inbound > x2 interface name
outbound > x2 interface name
0
 
Cas KristCommented:
0
 
Cas KristCommented:
I am using X3, not X2
0
 
Cas KristCommented:
But your Original source has to be changed! It is only for your servers.
0
 
kallatechAuthor Commented:
source > ip address of server


so that takes care of the traffice going out but what about traffic coming in?
0
 
Cas KristCommented:
You can also try running the public server wizard, this takes care of the inbound, outbound and loopback policy as well as your firewall rules.
0
 
kallatechAuthor Commented:
source > ip address of internal server
translated > x2 interface name
destination original > any
translated> original
service> http or any
translated > original
inbound > x0
outbound > x2 interface name

The above setup would work for outbound traffic but what about inbound traffic?
0
 
Cas KristCommented:
Just for fun, try the public server wizard, only for the http service and see what it does. Make a printscreen before and after (nat policies and firewall).
0
 
Cas KristCommented:
You can change the service when it opens too much for you.
0
 
kallatechAuthor Commented:
for inbound traffic
source >x2
translated > group of servers
destination original > any
translated> original
service> http or any
translated > original
inbound > x2
outbound >xo

0
 
Cas KristCommented:
Here you get an example of the NAT policies created by the public server wizard.
rule 17 is the loopback policy, 18 is outboud, 19 is inbound.
natpolicy.png
0
 
kallatechAuthor Commented:
Okay I will try that.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 11
  • 8
Tackle projects and never again get stuck behind a technical roadblock.
Join Now