• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 950
  • Last Modified:

SonicWall PRO 2040 IP Configuring a Second Routed Network Block

ISP has given us an external IP and gateway.  Let's call it 10.1.2.3/29.   This is applied on X1 interface, and internet access works fine.  We also purchased a second routed block, 184.80.155.64/27 for our mail and remote access servers.  

I'm not sure how to configure the SonicWall to route traffic to the 184.80.155.64 subnet or if it is even possible.  I don't think it would be configured on an external interface.  Should I configure it as a VLAN interface?  Various addresses on that subnet will be NAT'ted to internal LAN IP's--that's the hope anyway.

I've configured this situation before with Cisco ASA and a separate router, but hope in this case to simply use the single UTM firewall to route the traffic.  Any help to figure this out would be appreciated.
0
willniccolls
Asked:
willniccolls
  • 2
3 Solutions
 
bclongacreCommented:
We use Sonicwall as well.  To set up your additional IP addresses you will need to do the following:

Under Network > Address Objects > Address Objects

Click Add
Name the Object - e.g. the IP Address 184.80.155.64
Zone Assignment - WAN
Type - Host (I would configure one object per address, as it gives you the greatest flexibility)
IP Address - the IP Addresss e.g. 184.80.155.64
Click Add

Under Network > NAT Policies

Click Add

Original Source - Any
Translated Source - Original
Original Destination - Address Object associated w/ the Static IP in question e.g. 184.80.155.64
Translated Destination - Address Object associated w/ your desired destination e.g. Mail Server
Original Service - Set applicable Service here, or Any if all traffic is desired to be forwarded
Translated Service - Set applicable Service here, or Original if no change is desired to be made
Inbound Interface - X1 (as this is the interface your WAN connection is on)
Outbound Interface - Any (or specific physical interface, if applicable)

Enable NAT Policy - Yes
Create a reflexive policy - if desired/needed

Click Add

Firewall > Access Rules

Click Add
Action - Allow
From Zone - WAN
To Zone - LAN (or other applicable zone)
Service - Any (or specifically desired service)
Source - X1 (or other applicable source)
Destination - Address Object (e.g. 184.80.155.64)
Users Allowed - All (or other if applicable)
Schedule - Always On (or other as needed)

Click Add
0
 
bclongacreCommented:
Additionally here is a link from Soincwall that may provide additional assistance, if needed.

www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3756
0
 
digitapCommented:
yes, it can be done.  use this KB, which was linked above.

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3726
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now