Solved

SonicWall PRO 2040 IP Configuring a Second Routed Network Block

Posted on 2011-02-11
3
912 Views
Last Modified: 2012-05-11
ISP has given us an external IP and gateway.  Let's call it 10.1.2.3/29.   This is applied on X1 interface, and internet access works fine.  We also purchased a second routed block, 184.80.155.64/27 for our mail and remote access servers.  

I'm not sure how to configure the SonicWall to route traffic to the 184.80.155.64 subnet or if it is even possible.  I don't think it would be configured on an external interface.  Should I configure it as a VLAN interface?  Various addresses on that subnet will be NAT'ted to internal LAN IP's--that's the hope anyway.

I've configured this situation before with Cisco ASA and a separate router, but hope in this case to simply use the single UTM firewall to route the traffic.  Any help to figure this out would be appreciated.
0
Comment
Question by:willniccolls
  • 2
3 Comments
 
LVL 7

Accepted Solution

by:
bclongacre earned 175 total points
ID: 34875801
We use Sonicwall as well.  To set up your additional IP addresses you will need to do the following:

Under Network > Address Objects > Address Objects

Click Add
Name the Object - e.g. the IP Address 184.80.155.64
Zone Assignment - WAN
Type - Host (I would configure one object per address, as it gives you the greatest flexibility)
IP Address - the IP Addresss e.g. 184.80.155.64
Click Add

Under Network > NAT Policies

Click Add

Original Source - Any
Translated Source - Original
Original Destination - Address Object associated w/ the Static IP in question e.g. 184.80.155.64
Translated Destination - Address Object associated w/ your desired destination e.g. Mail Server
Original Service - Set applicable Service here, or Any if all traffic is desired to be forwarded
Translated Service - Set applicable Service here, or Original if no change is desired to be made
Inbound Interface - X1 (as this is the interface your WAN connection is on)
Outbound Interface - Any (or specific physical interface, if applicable)

Enable NAT Policy - Yes
Create a reflexive policy - if desired/needed

Click Add

Firewall > Access Rules

Click Add
Action - Allow
From Zone - WAN
To Zone - LAN (or other applicable zone)
Service - Any (or specifically desired service)
Source - X1 (or other applicable source)
Destination - Address Object (e.g. 184.80.155.64)
Users Allowed - All (or other if applicable)
Schedule - Always On (or other as needed)

Click Add
0
 
LVL 7

Assisted Solution

by:bclongacre
bclongacre earned 175 total points
ID: 34875849
Additionally here is a link from Soincwall that may provide additional assistance, if needed.

www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3756
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 75 total points
ID: 34875874
yes, it can be done.  use this KB, which was linked above.

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3726
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA Restarted Suddenly 11 86
NFL.com can't be found 13 94
Sonicwall Web User login Redirect 9 60
Login to my old Sonicwall TZ210 5 49
I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now