Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 954
  • Last Modified:

SonicWall PRO 2040 IP Configuring a Second Routed Network Block

ISP has given us an external IP and gateway.  Let's call it 10.1.2.3/29.   This is applied on X1 interface, and internet access works fine.  We also purchased a second routed block, 184.80.155.64/27 for our mail and remote access servers.  

I'm not sure how to configure the SonicWall to route traffic to the 184.80.155.64 subnet or if it is even possible.  I don't think it would be configured on an external interface.  Should I configure it as a VLAN interface?  Various addresses on that subnet will be NAT'ted to internal LAN IP's--that's the hope anyway.

I've configured this situation before with Cisco ASA and a separate router, but hope in this case to simply use the single UTM firewall to route the traffic.  Any help to figure this out would be appreciated.
0
willniccolls
Asked:
willniccolls
  • 2
3 Solutions
 
bclongacreCommented:
We use Sonicwall as well.  To set up your additional IP addresses you will need to do the following:

Under Network > Address Objects > Address Objects

Click Add
Name the Object - e.g. the IP Address 184.80.155.64
Zone Assignment - WAN
Type - Host (I would configure one object per address, as it gives you the greatest flexibility)
IP Address - the IP Addresss e.g. 184.80.155.64
Click Add

Under Network > NAT Policies

Click Add

Original Source - Any
Translated Source - Original
Original Destination - Address Object associated w/ the Static IP in question e.g. 184.80.155.64
Translated Destination - Address Object associated w/ your desired destination e.g. Mail Server
Original Service - Set applicable Service here, or Any if all traffic is desired to be forwarded
Translated Service - Set applicable Service here, or Original if no change is desired to be made
Inbound Interface - X1 (as this is the interface your WAN connection is on)
Outbound Interface - Any (or specific physical interface, if applicable)

Enable NAT Policy - Yes
Create a reflexive policy - if desired/needed

Click Add

Firewall > Access Rules

Click Add
Action - Allow
From Zone - WAN
To Zone - LAN (or other applicable zone)
Service - Any (or specifically desired service)
Source - X1 (or other applicable source)
Destination - Address Object (e.g. 184.80.155.64)
Users Allowed - All (or other if applicable)
Schedule - Always On (or other as needed)

Click Add
0
 
bclongacreCommented:
Additionally here is a link from Soincwall that may provide additional assistance, if needed.

www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3756
0
 
digitapCommented:
yes, it can be done.  use this KB, which was linked above.

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3726
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now