Solved

SonicWall TZ 180

Posted on 2010-09-23
17
931 Views
Last Modified: 2013-11-16
I have a SonicWall TZ180 at a smaller location, I have two servers that sit behind the firewall and only a single IP, is there a way to NAT so that I can get from the PUBLIC IP to both of those servers?  There is no license for Global VPN Client on this firewall or i would just use that.

thanks for the help
0
Comment
Question by:dwaynem2345
  • 5
  • 5
  • 5
  • +1
17 Comments
 
LVL 33

Expert Comment

by:digitap
ID: 33744092
The 180 should have at least come with one ssl-vpn licnese, so all you'd need to do is configure it on the appliance.  alternatively, you can change the RDP port on the second server.  on the 180, create a new service to match the port you change the second server to.  then, run the public server wizard twice.  the first time you specify the default rdp port.  the second time you specify the new service.  when you rdp to the second server, you specify the port you created.Here is a KB for setting up the ssl-vpn:http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=6461
0
 

Author Comment

by:dwaynem2345
ID: 33744441
I will look at trying both
0
 
LVL 33

Expert Comment

by:digitap
ID: 33744567
sounds good...let us know if you run into any challenges...
0
How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

 

Author Comment

by:dwaynem2345
ID: 33744582
Currently the software is the standard version, do i have to upgrade to enhanced first?
0
 
LVL 33

Expert Comment

by:digitap
ID: 33744926
Sorry.  Yes, you need the enhanced to use the SSL-VPN functionality.  I didn't think to ask.  I've not seen the 180 with Standard.  All the appliances we sell have Enhanced.  Here is a link to help open the ports with Standard OS.

http://bit.ly/99ZqpD
0
 
LVL 32

Expert Comment

by:nappy_d
ID: 33752568
The Sonicwall might come with only one GVC license but it has upto 10 free L2TP or PPTP connections or (I think) 5 VPN site to site licenses.

You can use those free!  

Now that aside, what are you trying to connect to on these two servers? RDP, http, FTP, or something else. Are they the same on both servers or different applications and ports?
0
 

Author Comment

by:dwaynem2345
ID: 33752983
RDP for both, I can change the ports if necessary
0
 
LVL 32

Expert Comment

by:nappy_d
ID: 33753062
There will be no need to change server listening ports for services.  Once you connect to the VPN endpoint, the remote computer(s) will act as if they are local to the servers.

There will also be no need to NAT anything either.
0
 

Author Comment

by:dwaynem2345
ID: 33753096
problem for the site to site, the remote site that connects to these does not have a firewall, and since the global vpn client has no licenses..that is why i was trying to NAT
0
 
LVL 32

Expert Comment

by:nappy_d
ID: 33753152
What are the remote site clients using for computers?  Windows or Macs?
0
 

Author Comment

by:dwaynem2345
ID: 33753231
Windows
0
 
LVL 32

Accepted Solution

by:
nappy_d earned 250 total points
ID: 33753343
Great so then configure L2TP connections as you are allowed 10 concurrent with the standard version of the Sonicwall OS.

For Windows clients:
http://support.microsoft.com/kb/281555

For the Sonicwall,these instructions are in your manual.  Pretty easy to do.  It's been a while since I set mine up for a client.. But just try it and ask if you have questions...
0
 
LVL 33

Expert Comment

by:digitap
ID: 33753399
@nappy :: I forgot about L2TP/PPTP connections, but connecting clients to the sonicwall in this manner requires the enhanced OS.  Am I wrong?  The article below implies enhanced is required.  I looked for an article to configure the standard OS, but can't find one.  sonicwall is good about providing articles for both.


http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3599
http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7460
http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7461
0
 
LVL 32

Expert Comment

by:nappy_d
ID: 33753438
Yes just:
- go into the Admin WebUI
- Click on VPN
- Click on L2TP server
- Enable L2TP server
- Click on Configure and away you go.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 250 total points
ID: 33753632
You know...I've seen that there for years, but never bothered to look at it.  Sigh...thanks for the heads up.  I did find an article detailing more on how to configure this feature.

http://www.sonicwall.com/downloads/Configuring_the_L2TP_Server_in_SonicOS.pdf
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 34216130
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question