Solved

Cannot connect to devices behind Cable Router and Sonicwall Firewall

Posted on 2010-09-14
11
334 Views
Last Modified: 2012-06-21
We have a business internet account with Comcast.
They provided and router/firewall. Behind that I have a Sonicwall TZ170 Standard.
Right now we are using the sonicwall to establish a Point to Point VPN with another sonicwall at a remote office.

The problem I am having is being able to use Remote Desktop to access the servers behind the firewall on the comcast side.

the way I have this set up is a 1-1 Nat on the Comcast device that takes the public IP's and Nat it to a private IP on the WAN side of the Sonicwall. Then I have set up another 1-1 Nat on the Sonicwall to translate the WAN IP subnet to LAN IP subnet. And the respective rules to allow access to the specified LAN servers.

But I am not able to get access and was hoping someone could help me out with this.
0
Comment
Question by:sparkis
  • 6
  • 5
11 Comments
 
LVL 5

Expert Comment

by:richy92
ID: 33671772
Have you tried connecting a laptop after the comcast device and before the sonicwall - see if you can RDP to that, it won't fix the problem but it may help you narrow down what is causing it ?
0
 

Author Comment

by:sparkis
ID: 33671811
Yes I can.
0
 
LVL 5

Accepted Solution

by:
richy92 earned 500 total points
ID: 33671921
Then it look like a problem with the config on the sonicwall device - are you sure you have the natting setup correctly and the rules to allow RDP (tcp 3389 I think)

You could set an "any - any" rule on the sonicwall and test it again, if it works then it maybe the nat setup, if not then it maybe a problem with the rules
0
 

Author Comment

by:sparkis
ID: 33672233
on Comcast Public IP Nat to 10.1.x.x
Sonciwall IP Nat 10.1.x.x to 192.168.x.x

Sonicwall Wall Rule - Any to LAN (192.168.x.x) ~remote desktop server using Terminal Server Rule.
0
 
LVL 5

Expert Comment

by:richy92
ID: 33672635
how big is your external range ? What subnet masks are you using ?
public IP to 10.1.x.x is a huge range (10.1.1.1 - 10.1.255.255) are you sure this is correct ?
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 

Author Comment

by:sparkis
ID: 33672646
class C
everything is set up correctly.
0
 
LVL 5

Expert Comment

by:richy92
ID: 33672758
Did your ISP give you a class C public range - I find that a little odd, that would indicate you have 254 availble public ip addresses - this would be extremely unusual as the world is running out of IPv4 addresses and ISPs are getting a bit tight about handing them out.
I would think it more likely that you have a subset of a class C maybe 16 or 32 addresses with a .240 or .224 mask ?

If you can provide some more info I will try to help, although sonicwall is not something i use often
0
 

Author Comment

by:sparkis
ID: 33673067
No a 10.1.x.x is a private range. not public. that is not the issue.

I fixed the problem - or the isp did. even though I disabled settings on their firewall it was not applying them. Tier 2 stepped in and corrected the issue.
I thought the issue was the dual nat but now everything is working fine.

Thanks anyway for your help.
0
 

Author Comment

by:sparkis
ID: 33673360
I just used x.x to not specify any of my info
0
 
LVL 5

Expert Comment

by:richy92
ID: 33674392
GLad you got it fixed
0
 

Author Closing Comment

by:sparkis
ID: 33793126
i just need to ask a new questions and it wont allow me with this abandoned questions
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times where you would like to have access to information that is only available from a different network. This network could be down the hall, or across country. If each of the network sites have access to the internet, you can create a ne…
If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now