Solved

SonicWall Policy NAT

Posted on 2010-08-14
8
618 Views
Last Modified: 2013-11-16
I want to config a Sonicwall 2400 to NAT the LAN IP 172.16.0.0/24 to 10.76.0.100 IF the DESTINATION is 10.75.0.0/24.   The 10.76.0.0/24 Network is on another internal router but I need to NAT it due to 172.16.0.0/24 IP overlap on a L2L VPN.  

Is it possible to NAT on a LAN interface and then add a static route(NAT IP 10.76.0.100) to another inside router(10.76.0.1) using the SonicWall 2400?
0
Comment
Question by:hancke
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
8 Comments
 
LVL 24

Expert Comment

by:rfc1180
ID: 33438294
0
 
LVL 33

Expert Comment

by:digitap
ID: 33438405
Yes.  The instructions show how to NAT before sending over a VPN which is essentially what's happening.  The sonicwall sees where the source IP is going and that it must NAT that to a "local hide" IP, then sends it to the destination.  If you don't need it to go over a VPN, then you can ignore the VPN steps in the instructions provided by rfc1180.
0
 
LVL 3

Author Comment

by:hancke
ID: 33438506
Do you know if Sonicwall will NAT LAN traffic without it going out the WAN?  Basically will it NAT on the same interface without going across 2 interfaces?

I'll try the NAT portion of the VPN setup.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 33

Expert Comment

by:digitap
ID: 33438535
Possibly.  You'd just need to make sure you get the NAT correct.  If you have enhanced OS, you can get fairly granular with the NAT rules.

I've always used this when i needed to mask a local network when the destination network was using the same IP network.
0
 
LVL 33

Accepted Solution

by:
digitap earned 500 total points
ID: 33438548
I think you'd do it like this:

Original Source: 172.16.0.0/24
Translated Source: 10.76.0.100

Original Destination: 10.75.0.0/24
Translated Destination: Original

Original Service: Any
Translated Service: Original

Inbound Interface: Any
Outbound Interface: Any

When you create the NAT, click the box for Creating a reflexive policy to NAT the traffic back to the local network.
0
 
LVL 3

Author Comment

by:hancke
ID: 33438587
I have the NAT policies built and the routing setup.  I'll have to try it Monday when I can get to a PC to test it.
I've done NAT policy and policy routing but it has always been to the WAN or VPN.  Never just on the LAN.
Thanks for the help!
0
 
LVL 33

Expert Comment

by:digitap
ID: 33438698
yes...the most complicated i've managed is a point to point VPN where the primary IP networks were the same, but each side had other networks that weren't NAT'd.  it's fun.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33468065
thanks for the points!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VLAN CONFIGURATION 2 60
what is mstp 6 65
Cisco router 4400 and switch connection. 27 52
HP 2530 switch and routing 4 63
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question