SonicWall Firewall

Experts,
I set up a NAT on my SonicWall from private to public IP addresses. Under Routing I added a line that allows ANY to access the internal device (which is an MPLS router). Under Services I ensured I allowed SSH, and under Firewall, Access Rules I added a rule that allows WAN to access the device. However, when trying to access the device remotely I get a connection timeout, and in the log I see a link that says Network Access, TCP dropped.
Did I miss anything? Any help will be much appreciated.
Thank you
Roy
rfinaly Asked:

bbao (IT Consultant) Commented:
At first, accessing a device behind NAT from external to internal is not addressed by routing. It is port forwarding.

Secondly, for SonicWALL NAT, commonly two steps should be done.

1. Enable WAN -> LAN access on specific ports by Firewall rules.
2. Enable NAT mapping from WAN IP to internal IP on the same ports by NAT policies.

Lastly, for troubleshooting, you may use its diagnosis tools to trace the packets and find out where the traffic stops.
rfinaly (Author) Commented:
Thank you for your response. I do have an access list set up from WAN to LAN; I opened it for ANY just to test. Also, the NAT looks good in terms of setup. The trace route does fail on the spot. Where else can I check if something is blocking this access?
Roy
bbao (IT Consultant) Commented:
A trick is to monitor if there is any traffic collected on the given NAT policy or firewall rule. Just move your mouse over the Traffic Statistics icon, no need to click, and you may see the bytes and packets that have been received and transferred.

You may simply clear the statistics, then run your test and check if there are new numbers there. If yes, it means the rule has been applied on the event. If not, the rule is not used, therefore something in your rules is wrong.
rfinaly (Author) Commented:
It is all on zero. I called SonicWall support and they confirmed that the configurations are correct. What else can be the issue?
Blue Street Tech (Last Knight) Commented:
Hi rfinaly,

I'm surprised SonicWALL tech support didn't pinpoint the issue! What did they say the cause was?
bbao (IT Consultant) Commented:
How did things finally get solved?