• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 341
  • Last Modified:

Cannot connect to devices behind Cable Router and Sonicwall Firewall

We have a business internet account with Comcast.
They provided and router/firewall. Behind that I have a Sonicwall TZ170 Standard.
Right now we are using the sonicwall to establish a Point to Point VPN with another sonicwall at a remote office.

The problem I am having is being able to use Remote Desktop to access the servers behind the firewall on the comcast side.

the way I have this set up is a 1-1 Nat on the Comcast device that takes the public IP's and Nat it to a private IP on the WAN side of the Sonicwall. Then I have set up another 1-1 Nat on the Sonicwall to translate the WAN IP subnet to LAN IP subnet. And the respective rules to allow access to the specified LAN servers.

But I am not able to get access and was hoping someone could help me out with this.
0
sparkis
Asked:
sparkis
  • 6
  • 5
1 Solution
 
richy92Commented:
Have you tried connecting a laptop after the comcast device and before the sonicwall - see if you can RDP to that, it won't fix the problem but it may help you narrow down what is causing it ?
0
 
sparkisAuthor Commented:
Yes I can.
0
 
richy92Commented:
Then it look like a problem with the config on the sonicwall device - are you sure you have the natting setup correctly and the rules to allow RDP (tcp 3389 I think)

You could set an "any - any" rule on the sonicwall and test it again, if it works then it maybe the nat setup, if not then it maybe a problem with the rules
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
sparkisAuthor Commented:
on Comcast Public IP Nat to 10.1.x.x
Sonciwall IP Nat 10.1.x.x to 192.168.x.x

Sonicwall Wall Rule - Any to LAN (192.168.x.x) ~remote desktop server using Terminal Server Rule.
0
 
richy92Commented:
how big is your external range ? What subnet masks are you using ?
public IP to 10.1.x.x is a huge range (10.1.1.1 - 10.1.255.255) are you sure this is correct ?
0
 
sparkisAuthor Commented:
class C
everything is set up correctly.
0
 
richy92Commented:
Did your ISP give you a class C public range - I find that a little odd, that would indicate you have 254 availble public ip addresses - this would be extremely unusual as the world is running out of IPv4 addresses and ISPs are getting a bit tight about handing them out.
I would think it more likely that you have a subset of a class C maybe 16 or 32 addresses with a .240 or .224 mask ?

If you can provide some more info I will try to help, although sonicwall is not something i use often
0
 
sparkisAuthor Commented:
No a 10.1.x.x is a private range. not public. that is not the issue.

I fixed the problem - or the isp did. even though I disabled settings on their firewall it was not applying them. Tier 2 stepped in and corrected the issue.
I thought the issue was the dual nat but now everything is working fine.

Thanks anyway for your help.
0
 
sparkisAuthor Commented:
I just used x.x to not specify any of my info
0
 
richy92Commented:
GLad you got it fixed
0
 
sparkisAuthor Commented:
i just need to ask a new questions and it wont allow me with this abandoned questions
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now