Solved

Redirect a hard coded IP address

Posted on 2011-02-16
12
1,127 Views
Last Modified: 2012-05-11
I posted this over at the sonicwall forums but I'm not getting any response.

I have a device on my network running an application that must talk to another server. When the app was written the IP address it talks to was hard coded in. That address has since changed and the app doesn't work anymore.

We have a new development team working on it but the new app won't be ready for months. In the mean time I would like to redirect this traffic some how.

The server is behind a sonicwall tz210 and the IP I want to redirect it to is also behind a sonicwall, an NSA240.

Is there some way to have the tz210 grab this IP and redirect it to the nsa240?
0
Comment
Question by:AJNS
12 Comments
 
LVL 3

Expert Comment

by:Rick_at_ptscinti
Comment Utility
The short answer is yes, you can do that with NAT.  What happened to the old address?  It might be easier to assign a secondary IP address to the server so it will listen on the old address as well as the new one.
0
 
LVL 6

Accepted Solution

by:
caskrist earned 250 total points
Comment Utility
Maybe with NAT policies, never tried this before.

Source original : firewalled subnets
Source translated: X1 IP

Destination original:  (the hard coded ip)
destination translated: (the new ip)

Service original: (try to add the service or choose any)
Service translated: original

interface inbound: any (not sure about this one)
interface outbound: any (not sure about his onne either)

Not sure, but you can try it.

0
 

Author Comment

by:AJNS
Comment Utility
the IP address it is trying to reach is actually a live IP on the internet that used to belong to the wan interface on a firewall. That is no longer our IP, it stayed with a hosting company.

Do you think NAT will get me out one firewall and back in the other?
0
 
LVL 3

Expert Comment

by:Rick_at_ptscinti
Comment Utility
NAT is not going to do you any good if you don't have access to the IP address anymore.  NAT will convert address from an outside port to an inside port (or any variation like that) but you have to have an interface that is "listening" for that address.  The issue you've got is that even if you configured that address on your public interface the carrier isn't routing that address to your premise so the traffic would never get there.

So did you have the public address configured directly on the server?  If so, then you could create that address as a secondary address on the LAN interface of your router.  You could then NAT a different public address that appears on the public side of your router now to the old address.  That should work for you.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 6

Assisted Solution

by:caskrist
caskrist earned 250 total points
Comment Utility
When the NAT policy is used on the 'sending' firewall, the traffic is redirected to the new ip address. The receiving firewall accepts that traffic.
0
 
LVL 6

Expert Comment

by:caskrist
Comment Utility
Sure this method works
0
 
LVL 6

Expert Comment

by:caskrist
Comment Utility
I've used this outbound NAT policy to redirect traffic to SMTP-servers, not exactly this setup, but close.
0
 
LVL 6

Expert Comment

by:caskrist
Comment Utility
Objection!

3) Accept one or more Expert posts as the answer

http:#34909926
0
 
LVL 1

Expert Comment

by:Vee_Mod
Comment Utility
All,
 
Following an 'Objection' by caskrist (at http://www.experts-exchange.com/Q_26833797.html) to the intended closure of this question, it has been reviewed by at least one Moderator and is being closed as recommended by the Expert.
 
At this point I am going to re-start the auto-close procedure.
 
Thank you,
 
Vee_Mod
Community Support Moderator
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now