Solved

Cannot connect to devices behind Cable Router and Sonicwall Firewall

Posted on 2010-09-14
11
337 Views
Last Modified: 2012-06-21
We have a business internet account with Comcast.
They provided and router/firewall. Behind that I have a Sonicwall TZ170 Standard.
Right now we are using the sonicwall to establish a Point to Point VPN with another sonicwall at a remote office.

The problem I am having is being able to use Remote Desktop to access the servers behind the firewall on the comcast side.

the way I have this set up is a 1-1 Nat on the Comcast device that takes the public IP's and Nat it to a private IP on the WAN side of the Sonicwall. Then I have set up another 1-1 Nat on the Sonicwall to translate the WAN IP subnet to LAN IP subnet. And the respective rules to allow access to the specified LAN servers.

But I am not able to get access and was hoping someone could help me out with this.
0
Comment
Question by:sparkis
  • 6
  • 5
11 Comments
 
LVL 5

Expert Comment

by:richy92
ID: 33671772
Have you tried connecting a laptop after the comcast device and before the sonicwall - see if you can RDP to that, it won't fix the problem but it may help you narrow down what is causing it ?
0
 

Author Comment

by:sparkis
ID: 33671811
Yes I can.
0
 
LVL 5

Accepted Solution

by:
richy92 earned 500 total points
ID: 33671921
Then it look like a problem with the config on the sonicwall device - are you sure you have the natting setup correctly and the rules to allow RDP (tcp 3389 I think)

You could set an "any - any" rule on the sonicwall and test it again, if it works then it maybe the nat setup, if not then it maybe a problem with the rules
0
Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

 

Author Comment

by:sparkis
ID: 33672233
on Comcast Public IP Nat to 10.1.x.x
Sonciwall IP Nat 10.1.x.x to 192.168.x.x

Sonicwall Wall Rule - Any to LAN (192.168.x.x) ~remote desktop server using Terminal Server Rule.
0
 
LVL 5

Expert Comment

by:richy92
ID: 33672635
how big is your external range ? What subnet masks are you using ?
public IP to 10.1.x.x is a huge range (10.1.1.1 - 10.1.255.255) are you sure this is correct ?
0
 

Author Comment

by:sparkis
ID: 33672646
class C
everything is set up correctly.
0
 
LVL 5

Expert Comment

by:richy92
ID: 33672758
Did your ISP give you a class C public range - I find that a little odd, that would indicate you have 254 availble public ip addresses - this would be extremely unusual as the world is running out of IPv4 addresses and ISPs are getting a bit tight about handing them out.
I would think it more likely that you have a subset of a class C maybe 16 or 32 addresses with a .240 or .224 mask ?

If you can provide some more info I will try to help, although sonicwall is not something i use often
0
 

Author Comment

by:sparkis
ID: 33673067
No a 10.1.x.x is a private range. not public. that is not the issue.

I fixed the problem - or the isp did. even though I disabled settings on their firewall it was not applying them. Tier 2 stepped in and corrected the issue.
I thought the issue was the dual nat but now everything is working fine.

Thanks anyway for your help.
0
 

Author Comment

by:sparkis
ID: 33673360
I just used x.x to not specify any of my info
0
 
LVL 5

Expert Comment

by:richy92
ID: 33674392
GLad you got it fixed
0
 

Author Closing Comment

by:sparkis
ID: 33793126
i just need to ask a new questions and it wont allow me with this abandoned questions
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
EIGRP Bandwidth 9 43
Usage of Prefix-List 5 47
Failover for DMVPN 3 32
Objects in Cisco ASA 2 6
AWS has developed and created its highly available global infrastructure allowing users to deploy and manage their estates all across the world through the use of the following geographical components   RegionsAvailability ZonesEdge Locations  Wh…
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question