SMC->Sonicwall->Switch->Remote Web Workplace

Hello everyone,

I have seen similar posts on here regarding this type of question but I can't seem to get a grasp on applying it to my own situation.

Ultimate goal is to have users access Remote Web Workplace over the internet. We just got a Comcast SMC IP Gateway along with our 5 static IPs, and a Sonicwall TZ100.

I know there is something I am missing, but here is the information I am working with:

Public IP: 173.xxx.xxx.174
SMC LAN IP: 10.1.10.1
Sonicwall WAN IP: 10.1.10.11
Sonicwall LAN IP: 192.168.1.4
Windows SBS: 192.168.1.65

I tried configuring the firewall settings on the Sonicwall via the "public server" wizard. I tried to browse to https://173.xxx.xxx.174/remote with no luck. Looking at the Sonicwall, it said it did not recieve any packets regarding that firewall rule. Browsing to just http://173.xxx.xxx.174/ brings me to the Comcast SMC management page. Is there any type of conflict going on here?

Really, I just want the SMC router to act as a bridge, I just want it to pass all traffic striaght to the Sonicwall for filtering.
w00tixAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

naykamCommented:
Try a different port for accessing /remote.

For example, configure the firewall to accept on another port.

EG https://173.xxx.xxx.174:8082/remote

You will still have to ensure that the gateway is forwarding traffic. Not familiar with that device, but it should allow NAT'ing or traffic passthrough
0
Cas KristCommented:
You have 5 static IP's. You should try to get at least one Public IP on the Sonicwall. This makes things a lot easier. Maybe consult your ISP.
Then you can use the public server wizard
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
What you need to do is to get your ISP to configure the SMC router to be in transparent mode.

This way, your sonicwall becomes the real internet router/firewall and not just some device that has NAT rules applied to it.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

w00tixAuthor Commented:
Thank you for the comments everyone, I think what I would like to do is what caskrist recommended and put a public IP on the Sonicwall (Seems the easiest). If I were to do that, should I assign the public IP to the Sonicwall WAN IP, or just hook another interface up directly to the SMC?

Right now, the LAN interface on the SMC and the WAN interface on the Sonicwall are both a private 10.1.10.0 address. If I change the WAN IP, won't that cut off communication between the two devices?
0
naykamCommented:
make the WAN public, I think this is what we all are getting at. It really depends on how your SMC can be configured. Becuase if they can make it transparent, then you could switch out your 5 public IP's and use one for your sonicwall LAN.

EG:


ISP --->  SMC ----> Switch ----> Public IP 1 - Sonicwall
                                           ----> Public IP 2 - Example
                                           ----> Public IP 3 - Example

It will make it easier for VPN routing etc.
0
Cas KristCommented:
I don't know how it is done with your provider, but my provider manages the DSL modem. The provider has to put the modem into bridging mode. I think your subnet mask goes like this 255.255.255.248 (or maybe not, please inform us). With this situation the modem gets one public ip address, another public ip address for the sonicwall and the modem is the gateway for the sonicwall. I've seen modems which you can configure yourself, but it never hurts to ask your provider for help.
0
w00tixAuthor Commented:
Comcast provided the SMC IP Gateway, along with 6 IPs. One of the IPs is automatically associated with the device (173.xxx.xxx.174) and 5 are just extra. There is a option for 1-to-1 NAT...is that something could be considered 'transparent' mode? If I were to put another public IP address on the Sonicwall WAN interface, could i use the 1-to-1 NAT with that? I am going to call Comcast later today also to ask about it.
0
naykamCommented:
in theory yes, becuase it will NAT the public through, but it depends on how the SMC treats the IP it is allocated. Speak to comcast, they will give you the best option. They would do this stuff all the time.
0
w00tixAuthor Commented:
Thank you, will close this as soon as I talk to Comcast... Not sure who to award points to since all of you provided helpful information... Can I award all of you or is that too many people?
0
naykamCommented:
Comcast will assist you with exactly what you need. It shouldnt take you / them too long to configure.

the points are at your discretion
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Hardware-Other

From novice to tech pro — start learning today.