Open ports on Sonicwall NSA 2400

Posted on 2011-09-25
Last Modified: 2012-08-13
I have Sonicwall NSA 2400 and the users in my network need to open a web site that requires ports 66 and 67 to be open.
I tried to create access rules and NAT policies but it didn’t work.
Can you tell me how to allow all users in my network to access external IP using any port

Question by:omar_nagy
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 20

Accepted Solution

carlmd earned 500 total points
ID: 36598155
Is the use of these two ports from the same web site the users access from the LAN? For example, some web sites require you to login and then forward you to a different address to perhaps deliver a service. If so the assumption would be that you want to open ports 66 and 67 for WAN to LAN traffic. It this is true, what type of traffic do you want to permit (TCP, UDP ?) and from where (any ip address or a specific one or two). It would not be a good idea to open these ports to all traffic from anywhere, which would then make then a arget if you are port scanned.

Expert Comment

ID: 36598516
Can you post screen shots of tour NAT and access rules so we can check them. One common mistake is in the access rules. For inbound wan > lan spice should be "any" and destination the "public interface may is using".

Expert Comment

ID: 36936123
Can yOu clarify what part of the solution corrected your issue?

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Support licences 3 31
Choice of router 8 40
Dlink-DIR 816 router 4 43
Access points not passing on DHCP, because of Draytek PoE Switch (VLAN related) 18 65
We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question