Solved

SonicWall PRO 2040 IP Configuring a Second Routed Network Block

Posted on 2011-02-11
3
937 Views
Last Modified: 2012-05-11
ISP has given us an external IP and gateway.  Let's call it 10.1.2.3/29.   This is applied on X1 interface, and internet access works fine.  We also purchased a second routed block, 184.80.155.64/27 for our mail and remote access servers.  

I'm not sure how to configure the SonicWall to route traffic to the 184.80.155.64 subnet or if it is even possible.  I don't think it would be configured on an external interface.  Should I configure it as a VLAN interface?  Various addresses on that subnet will be NAT'ted to internal LAN IP's--that's the hope anyway.

I've configured this situation before with Cisco ASA and a separate router, but hope in this case to simply use the single UTM firewall to route the traffic.  Any help to figure this out would be appreciated.
0
Comment
Question by:willniccolls
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 7

Accepted Solution

by:
bclongacre earned 175 total points
ID: 34875801
We use Sonicwall as well.  To set up your additional IP addresses you will need to do the following:

Under Network > Address Objects > Address Objects

Click Add
Name the Object - e.g. the IP Address 184.80.155.64
Zone Assignment - WAN
Type - Host (I would configure one object per address, as it gives you the greatest flexibility)
IP Address - the IP Addresss e.g. 184.80.155.64
Click Add

Under Network > NAT Policies

Click Add

Original Source - Any
Translated Source - Original
Original Destination - Address Object associated w/ the Static IP in question e.g. 184.80.155.64
Translated Destination - Address Object associated w/ your desired destination e.g. Mail Server
Original Service - Set applicable Service here, or Any if all traffic is desired to be forwarded
Translated Service - Set applicable Service here, or Original if no change is desired to be made
Inbound Interface - X1 (as this is the interface your WAN connection is on)
Outbound Interface - Any (or specific physical interface, if applicable)

Enable NAT Policy - Yes
Create a reflexive policy - if desired/needed

Click Add

Firewall > Access Rules

Click Add
Action - Allow
From Zone - WAN
To Zone - LAN (or other applicable zone)
Service - Any (or specifically desired service)
Source - X1 (or other applicable source)
Destination - Address Object (e.g. 184.80.155.64)
Users Allowed - All (or other if applicable)
Schedule - Always On (or other as needed)

Click Add
0
 
LVL 7

Assisted Solution

by:bclongacre
bclongacre earned 175 total points
ID: 34875849
Additionally here is a link from Soincwall that may provide additional assistance, if needed.

www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3756
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 75 total points
ID: 34875874
yes, it can be done.  use this KB, which was linked above.

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3726
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question