• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 957
  • Last Modified:

SonicWall TZ 180

I have a SonicWall TZ180 at a smaller location, I have two servers that sit behind the firewall and only a single IP, is there a way to NAT so that I can get from the PUBLIC IP to both of those servers?  There is no license for Global VPN Client on this firewall or i would just use that.

thanks for the help
0
dwaynem2345
Asked:
dwaynem2345
  • 5
  • 5
  • 5
  • +1
2 Solutions
 
digitapCommented:
The 180 should have at least come with one ssl-vpn licnese, so all you'd need to do is configure it on the appliance.  alternatively, you can change the RDP port on the second server.  on the 180, create a new service to match the port you change the second server to.  then, run the public server wizard twice.  the first time you specify the default rdp port.  the second time you specify the new service.  when you rdp to the second server, you specify the port you created.Here is a KB for setting up the ssl-vpn:http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=6461
0
 
dwaynem2345Author Commented:
I will look at trying both
0
 
digitapCommented:
sounds good...let us know if you run into any challenges...
0
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

 
dwaynem2345Author Commented:
Currently the software is the standard version, do i have to upgrade to enhanced first?
0
 
digitapCommented:
Sorry.  Yes, you need the enhanced to use the SSL-VPN functionality.  I didn't think to ask.  I've not seen the 180 with Standard.  All the appliances we sell have Enhanced.  Here is a link to help open the ports with Standard OS.

http://bit.ly/99ZqpD
0
 
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
The Sonicwall might come with only one GVC license but it has upto 10 free L2TP or PPTP connections or (I think) 5 VPN site to site licenses.

You can use those free!  

Now that aside, what are you trying to connect to on these two servers? RDP, http, FTP, or something else. Are they the same on both servers or different applications and ports?
0
 
dwaynem2345Author Commented:
RDP for both, I can change the ports if necessary
0
 
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
There will be no need to change server listening ports for services.  Once you connect to the VPN endpoint, the remote computer(s) will act as if they are local to the servers.

There will also be no need to NAT anything either.
0
 
dwaynem2345Author Commented:
problem for the site to site, the remote site that connects to these does not have a firewall, and since the global vpn client has no licenses..that is why i was trying to NAT
0
 
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
What are the remote site clients using for computers?  Windows or Macs?
0
 
dwaynem2345Author Commented:
Windows
0
 
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
Great so then configure L2TP connections as you are allowed 10 concurrent with the standard version of the Sonicwall OS.

For Windows clients:
http://support.microsoft.com/kb/281555

For the Sonicwall,these instructions are in your manual.  Pretty easy to do.  It's been a while since I set mine up for a client.. But just try it and ask if you have questions...
0
 
digitapCommented:
@nappy :: I forgot about L2TP/PPTP connections, but connecting clients to the sonicwall in this manner requires the enhanced OS.  Am I wrong?  The article below implies enhanced is required.  I looked for an article to configure the standard OS, but can't find one.  sonicwall is good about providing articles for both.


http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3599
http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7460
http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7461
0
 
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
Yes just:
- go into the Admin WebUI
- Click on VPN
- Click on L2TP server
- Enable L2TP server
- Click on Configure and away you go.
0
 
digitapCommented:
You know...I've seen that there for years, but never bothered to look at it.  Sigh...thanks for the heads up.  I did find an article detailing more on how to configure this feature.

http://www.sonicwall.com/downloads/Configuring_the_L2TP_Server_in_SonicOS.pdf
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

  • 5
  • 5
  • 5
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now