kesslerkare
asked on
Configure the DMZ port on a Sonicwall TZ190 for LAN access
I need to allow access from the DMZ port on a TZ190 to a specific host on the private LAN port. I only need 4 TCP ports open. I can ping from LAN side to the serveron the DMZ but not the other way despite my access rules. This can be done, right, or is the DMZ by design not allowed to get to the LAN side?
I would simply "forward" the ports to the desired LAN IP address and keep the system out of the DMZ (especially if you are only utilizing 4 TCP ports!) Definitly set the IP to static or "reserved" via DHCP.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Very strange, I have this setup in use for quite some time, I don't have a NAT policy for this. Could you show us the NAT policy you had to create?!
As long as you understand the risks, you need to set the DMZ port to operate in Transparent Mode and map:
http://www.gnswireless.com/Sonicwall_OPT_Port.htm
Cheers!
Mike