Solved

SonicWall PRO 2040 IP Configuring a Second Routed Network Block

Posted on 2011-02-11
3
897 Views
Last Modified: 2012-05-11
ISP has given us an external IP and gateway.  Let's call it 10.1.2.3/29.   This is applied on X1 interface, and internet access works fine.  We also purchased a second routed block, 184.80.155.64/27 for our mail and remote access servers.  

I'm not sure how to configure the SonicWall to route traffic to the 184.80.155.64 subnet or if it is even possible.  I don't think it would be configured on an external interface.  Should I configure it as a VLAN interface?  Various addresses on that subnet will be NAT'ted to internal LAN IP's--that's the hope anyway.

I've configured this situation before with Cisco ASA and a separate router, but hope in this case to simply use the single UTM firewall to route the traffic.  Any help to figure this out would be appreciated.
0
Comment
Question by:willniccolls
  • 2
3 Comments
 
LVL 7

Accepted Solution

by:
bclongacre earned 175 total points
Comment Utility
We use Sonicwall as well.  To set up your additional IP addresses you will need to do the following:

Under Network > Address Objects > Address Objects

Click Add
Name the Object - e.g. the IP Address 184.80.155.64
Zone Assignment - WAN
Type - Host (I would configure one object per address, as it gives you the greatest flexibility)
IP Address - the IP Addresss e.g. 184.80.155.64
Click Add

Under Network > NAT Policies

Click Add

Original Source - Any
Translated Source - Original
Original Destination - Address Object associated w/ the Static IP in question e.g. 184.80.155.64
Translated Destination - Address Object associated w/ your desired destination e.g. Mail Server
Original Service - Set applicable Service here, or Any if all traffic is desired to be forwarded
Translated Service - Set applicable Service here, or Original if no change is desired to be made
Inbound Interface - X1 (as this is the interface your WAN connection is on)
Outbound Interface - Any (or specific physical interface, if applicable)

Enable NAT Policy - Yes
Create a reflexive policy - if desired/needed

Click Add

Firewall > Access Rules

Click Add
Action - Allow
From Zone - WAN
To Zone - LAN (or other applicable zone)
Service - Any (or specifically desired service)
Source - X1 (or other applicable source)
Destination - Address Object (e.g. 184.80.155.64)
Users Allowed - All (or other if applicable)
Schedule - Always On (or other as needed)

Click Add
0
 
LVL 7

Assisted Solution

by:bclongacre
bclongacre earned 175 total points
Comment Utility
Additionally here is a link from Soincwall that may provide additional assistance, if needed.

www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3756
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 75 total points
Comment Utility
yes, it can be done.  use this KB, which was linked above.

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3726
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now