Sonicwall needs to configure to access web server(sharepoint) with DDNS host name

I have two WAN IP

X1 - static IP and which is configured and working well, no issues.

I can reach web server via X0!

X2 - Dynamic IP from the ISP so configured DDNS with No-IP and trying to reach web server but no luck!

Here comes I need your help
LVL 1
ShabAsked:
Who is Participating?
 
Blue Street TechLast KnightCommented:
This is assuming you have a compatible model/firmware.

I have verified this setup on my end - it works perfectly. It has also been verified by SonicWALL L2 support as a fully supported functionality. If you still can't access it then either a) you are not setting it up correctly (or following the steps we have provided) or b) it is an issue with the web server.

Here is the recommended way to do this:

1. Make sure your SonicOS firmware is up-to-date (at least 5.8.1.13 as the previous version had a DDNS bug).
2. Make sure you have setup the Secondary WAN Interface correctly - can you pass any traffic on it?
3. Setup DDNS and bound it to X2. Make sure the status is displaying "online".
4. Use the Public Wizard to setup access to the Web Server and select Web Server from the drop down.
The Public Wizard will setup the following items automatically:
      Server Address Objects
      1. Create "SharePoint Server (private)" assigned to LAN Zone for Host 10.10.10.1.
      2. Reuse "WAN Primary IP" address object assigned to WAN Zone for 1.1.1.1.

      Server Service Group Object
      1. Create "SharePoint Server (private) Services" with HTTP and HTTPS Services.

      Server NAT Policies
      1. Create Inbound Server NAT Policy to rewrite packets to original destination "WAN Primary IP" to translated destination "SharePoint Server (private)".
      2. Create Outbound Server NAT Policy to rewrite packets from "SharePoint Server (private)" to translated source "WAN Primary IP".
      3. Create Loopback NAT Policy to allow access from all internal zones to the server at public IP address 1.1.1.1.

      Server Access Rules
      1. WAN > LAN - Allow "Any" to "WAN Primary IP" for Service Group "SharePoint Server (private) Services".
      Similar rules will be created from all lower security zones to the LAN zone.

5. Now all you need to do is go into the NAT Policies and Access Rules to change WAN Primary IP to WAN Secondary IP or X2.

Therefore your Access Rule should read as follows:

From: WAN
To: LAN
Priority: <auto-generated>
Source: Any
Destination: WAN Secondary IP or X2
Service: SharePoint Server (private) Services
Action: Allow
Users Incl.: All
Users Excl.: None

Your NAT Policies should read like this:

INBOUND
Original Source: Any
Translated Source: Original
Original Destination: WAN Secondary IP or X2
Translated Destination: SharePoint Server (private)
Original Service: SharePoint Server (private) Services
Translated Service: Original
Inbound Interface: Any
Outbound Interface: Any
Comment: <whatever you want for documentation purposes>

OUTBOUND
Original Source: SharePoint Server (private)
Translated Source: WAN Secondary IP or X2
Original Destination: Any
Translated Destination: Original
Original Service: SharePoint Server (private) Services
Translated Service: Original
Inbound Interface: Any
Outbound Interface: X2
Comment: <whatever you want for documentation purposes>

LOOPBACK
Original Source: Firewalled Subnets
Translated Source: WAN Secondary IP or X2
Original Destination: WAN Secondary IP or X2
Translated Destination: SharePoint Server (private)
Original Service: SharePoint Server (private) Services
Translated Service: Original
Inbound Interface: Any
Outbound Interface: Any
Comment: <whatever you want for documentation purposes>

Try this one last time...as I said it works perfectly on my end...if it still doesn't something is either not being followed or there is an issue with your SharePoint server. Do a Packet Capture to see what is happening to the packets.
0
 
Aaron TomoskySD-WAN SimplifiedCommented:
run the external server wizard. you need the right port forwarding to go from your x2 ip to the internal ip.
0
 
ShabAuthor Commented:
could you please elaborate ? I tried different ways in several times but no luck!
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
Aaron TomoskySD-WAN SimplifiedCommented:
http://community.spiceworks.com/how_to/show/2577-post-forwarding-using-nat-on-sonicwall-devices

just make sure to change the public ip to the one on the x2 interface. This will create an address object called server-public or whatever the server name is. Then if your ip ever changes, you just change the ip of the address object in one place.
0
 
ShabAuthor Commented:
As I mentioned I tried all those options even manual entries!
But for some reason we cannot access web server with ddns domain name! I hope that is possible?
0
 
Blue Street TechLast KnightCommented:
Hi petertwliu,

What you are trying to achieve is doable provided you have a NGFW. I have setup this up on my end and it works perfectly.

What SonicWALL model and firmware version?

Depending on these answers...it may not be possible to do on the gear/firmware you have.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.