WAN to LAN rule not worked behind firewall on Sonicwall NSA 240

Hi All Experts,

I am trying to port forward a custom port on my sonic wall NSA 240 to a system behind my firewall. I need to have http forwarded to this system. rule is working fine from outside, but when I tried to browse this rule behind firewall it fails.


I configured rules on firewall as below

XX.XX.XX.XX:80 ------>AA.AA.AA.AA:8080
so I can access it by following url from outside without any issue
but I awant to access same thing behind firewall but it's not worked


any guidance here would be appreciated.
Nilesh HavireBusiness ITAsked:
Who is Participating?
Nilesh HavireConnect With a Mentor Business ITAuthor Commented:
I have fixed this issue through HA proxy

I have configured HA Proxy on 80 Port &  gave Tomcat as Backend server then apply following rule in Apache

ProxyPass /Apps_Name/ http://HA_Proxy_IP/Apps_Name

Thanks for help
You cannot access a WAN ip address that is on your LAN, from the LAN.

If you want to access that same web server either use the internal (LAN) ip address, or set up (or if you already have one)  a local dns server that returns the lan address for the URL.
Nilesh HavireBusiness ITAuthor Commented:
exactly I can access it by LAN IP  but I have configure some ProxyPass rule on My server thats why I need it

<VirtualHost *>
SuexecUserGroup "#1000" "#1000"
ServerName Apps_Name.com
ServerAlias www.Apps_Name.com
DocumentRoot /var/www/Apps_Name/
ErrorLog /var/log/httpd/taaray/error_log
CustomLog /var/log/httpd/Apps_Name/access_log "combined"
ScriptAlias /cgi-bin/ /var/www/Apps_Name/cgi-bin/
DirectoryIndex index.html index.htm index.php
<Directory /var/www/Apps_Name>
    FileETag MTime Size
    AllowOverride All
ProxyPass /Apps_Name/ http://XX.XX.XX.XX/Apps_Name

I am unable to configure Proxypass rule as per below because Apache not taking port no.

is there any other way to resolve this issue,
it was working fine on Cyberoam firewall
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Is AA.AA.AA.AA the "real" ip address of the web server?

Are you on a flat lan, no vlans etc?

If AA.AA.AA.AA is the real ip address of the web server, can you ping that address, and if so can you traceroute to it.

If you acutally put http://AA.AA.AA.AA:8080/Apps_Name in the URL, does it work.

If I understand what you are trying to do, you just want to type the http://AA.AA.AA.AA in the url, and not the :8080. Correct?
Nilesh HavireBusiness ITAuthor Commented:

I configured rules on firewall as below

XX.XX.XX.XX:80 ------>AA.AA.AA.AA:8080

so I can access my tomcat without 8080 from outside , I have configured ProxyPass on apche for my web application, and  i have configured direct WAN IP in ProxyPass it was working fine when I used Cyberoam UTM because I was able to resolve my DNS behind firewall but on new  Firewall  (Sonicwell ), I am unable to resolve my DNS B/H Firewall thats why I am trying to configure LAN IP with port in Apache but it's fail  if I used any other backend server without port then it's working fine

I hope you understand my issue
Take a look at:


I think if you do this and use http://AA.AA.AA.AA/Apps_Name it should work.

You will not be able to accomplish what you want with the Sonciwall.
Nilesh HavireBusiness ITAuthor Commented:
i have got solution from vendor
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.