SMC->Sonicwall->Switch->Remote Web Workplace

Hello everyone,

I have seen similar posts on here regarding this type of question but I can't seem to get a grasp on applying it to my own situation.

Ultimate goal is to have users access Remote Web Workplace over the internet. We just got a Comcast SMC IP Gateway along with our 5 static IPs, and a Sonicwall TZ100.

I know there is something I am missing, but here is the information I am working with:

Public IP: 173.xxx.xxx.174
SMC LAN IP: 10.1.10.1
Sonicwall WAN IP: 10.1.10.11
Sonicwall LAN IP: 192.168.1.4
Windows SBS: 192.168.1.65

I tried configuring the firewall settings on the Sonicwall via the "public server" wizard. I tried to browse to https://173.xxx.xxx.174/remote with no luck. Looking at the Sonicwall, it said it did not recieve any packets regarding that firewall rule. Browsing to just http://173.xxx.xxx.174/ brings me to the Comcast SMC management page. Is there any type of conflict going on here?

Really, I just want the SMC router to act as a bridge, I just want it to pass all traffic striaght to the Sonicwall for filtering.
w00tixAsked:
Who is Participating?
 
Cas KristCommented:
You have 5 static IP's. You should try to get at least one Public IP on the Sonicwall. This makes things a lot easier. Maybe consult your ISP.
Then you can use the public server wizard
0
 
naykamCommented:
Try a different port for accessing /remote.

For example, configure the firewall to accept on another port.

EG https://173.xxx.xxx.174:8082/remote

You will still have to ensure that the gateway is forwarding traffic. Not familiar with that device, but it should allow NAT'ing or traffic passthrough
0
 
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
What you need to do is to get your ISP to configure the SMC router to be in transparent mode.

This way, your sonicwall becomes the real internet router/firewall and not just some device that has NAT rules applied to it.
0
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

 
w00tixAuthor Commented:
Thank you for the comments everyone, I think what I would like to do is what caskrist recommended and put a public IP on the Sonicwall (Seems the easiest). If I were to do that, should I assign the public IP to the Sonicwall WAN IP, or just hook another interface up directly to the SMC?

Right now, the LAN interface on the SMC and the WAN interface on the Sonicwall are both a private 10.1.10.0 address. If I change the WAN IP, won't that cut off communication between the two devices?
0
 
naykamCommented:
make the WAN public, I think this is what we all are getting at. It really depends on how your SMC can be configured. Becuase if they can make it transparent, then you could switch out your 5 public IP's and use one for your sonicwall LAN.

EG:


ISP --->  SMC ----> Switch ----> Public IP 1 - Sonicwall
                                           ----> Public IP 2 - Example
                                           ----> Public IP 3 - Example

It will make it easier for VPN routing etc.
0
 
Cas KristCommented:
I don't know how it is done with your provider, but my provider manages the DSL modem. The provider has to put the modem into bridging mode. I think your subnet mask goes like this 255.255.255.248 (or maybe not, please inform us). With this situation the modem gets one public ip address, another public ip address for the sonicwall and the modem is the gateway for the sonicwall. I've seen modems which you can configure yourself, but it never hurts to ask your provider for help.
0
 
w00tixAuthor Commented:
Comcast provided the SMC IP Gateway, along with 6 IPs. One of the IPs is automatically associated with the device (173.xxx.xxx.174) and 5 are just extra. There is a option for 1-to-1 NAT...is that something could be considered 'transparent' mode? If I were to put another public IP address on the Sonicwall WAN interface, could i use the 1-to-1 NAT with that? I am going to call Comcast later today also to ask about it.
0
 
naykamCommented:
in theory yes, becuase it will NAT the public through, but it depends on how the SMC treats the IP it is allocated. Speak to comcast, they will give you the best option. They would do this stuff all the time.
0
 
w00tixAuthor Commented:
Thank you, will close this as soon as I talk to Comcast... Not sure who to award points to since all of you provided helpful information... Can I award all of you or is that too many people?
0
 
naykamCommented:
Comcast will assist you with exactly what you need. It shouldnt take you / them too long to configure.

the points are at your discretion
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.