Solved

Sonicwall needs to configure to access web server(sharepoint) with DDNS host name

Posted on 2013-10-28
6
2,213 Views
Last Modified: 2013-11-24
I have two WAN IP

X1 - static IP and which is configured and working well, no issues.

I can reach web server via X0!

X2 - Dynamic IP from the ISP so configured DDNS with No-IP and trying to reach web server but no luck!

Here comes I need your help
0
Comment
Question by:Shab
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39607502
run the external server wizard. you need the right port forwarding to go from your x2 ip to the internal ip.
0
 
LVL 1

Author Comment

by:Shab
ID: 39607848
could you please elaborate ? I tried different ways in several times but no luck!
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39609285
http://community.spiceworks.com/how_to/show/2577-post-forwarding-using-nat-on-sonicwall-devices

just make sure to change the public ip to the one on the x2 interface. This will create an address object called server-public or whatever the server name is. Then if your ip ever changes, you just change the ip of the address object in one place.
0
Don't Miss ATEN at InfoComm 2017!

Visit booth #2167 to see the  new ATEN VM3200 32 x 32 Modular Matrix Switch. Other highlights include the VE8950 4K HDMI Over IP Extender, VS1912 12-Port DP Video Wall Media Player  and VK2100 ATEN Control System. Register now with Free Pass Code ATEN288!

 
LVL 1

Author Comment

by:Shab
ID: 39610793
As I mentioned I tried all those options even manual entries!
But for some reason we cannot access web server with ddns domain name! I hope that is possible?
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 39610873
Hi petertwliu,

What you are trying to achieve is doable provided you have a NGFW. I have setup this up on my end and it works perfectly.

What SonicWALL model and firmware version?

Depending on these answers...it may not be possible to do on the gear/firmware you have.
0
 
LVL 25

Accepted Solution

by:
Diverse IT earned 500 total points
ID: 39610945
This is assuming you have a compatible model/firmware.

I have verified this setup on my end - it works perfectly. It has also been verified by SonicWALL L2 support as a fully supported functionality. If you still can't access it then either a) you are not setting it up correctly (or following the steps we have provided) or b) it is an issue with the web server.

Here is the recommended way to do this:

1. Make sure your SonicOS firmware is up-to-date (at least 5.8.1.13 as the previous version had a DDNS bug).
2. Make sure you have setup the Secondary WAN Interface correctly - can you pass any traffic on it?
3. Setup DDNS and bound it to X2. Make sure the status is displaying "online".
4. Use the Public Wizard to setup access to the Web Server and select Web Server from the drop down.
The Public Wizard will setup the following items automatically:
      Server Address Objects
      1. Create "SharePoint Server (private)" assigned to LAN Zone for Host 10.10.10.1.
      2. Reuse "WAN Primary IP" address object assigned to WAN Zone for 1.1.1.1.

      Server Service Group Object
      1. Create "SharePoint Server (private) Services" with HTTP and HTTPS Services.

      Server NAT Policies
      1. Create Inbound Server NAT Policy to rewrite packets to original destination "WAN Primary IP" to translated destination "SharePoint Server (private)".
      2. Create Outbound Server NAT Policy to rewrite packets from "SharePoint Server (private)" to translated source "WAN Primary IP".
      3. Create Loopback NAT Policy to allow access from all internal zones to the server at public IP address 1.1.1.1.

      Server Access Rules
      1. WAN > LAN - Allow "Any" to "WAN Primary IP" for Service Group "SharePoint Server (private) Services".
      Similar rules will be created from all lower security zones to the LAN zone.

5. Now all you need to do is go into the NAT Policies and Access Rules to change WAN Primary IP to WAN Secondary IP or X2.

Therefore your Access Rule should read as follows:

From: WAN
To: LAN
Priority: <auto-generated>
Source: Any
Destination: WAN Secondary IP or X2
Service: SharePoint Server (private) Services
Action: Allow
Users Incl.: All
Users Excl.: None

Your NAT Policies should read like this:

INBOUND
Original Source: Any
Translated Source: Original
Original Destination: WAN Secondary IP or X2
Translated Destination: SharePoint Server (private)
Original Service: SharePoint Server (private) Services
Translated Service: Original
Inbound Interface: Any
Outbound Interface: Any
Comment: <whatever you want for documentation purposes>

OUTBOUND
Original Source: SharePoint Server (private)
Translated Source: WAN Secondary IP or X2
Original Destination: Any
Translated Destination: Original
Original Service: SharePoint Server (private) Services
Translated Service: Original
Inbound Interface: Any
Outbound Interface: X2
Comment: <whatever you want for documentation purposes>

LOOPBACK
Original Source: Firewalled Subnets
Translated Source: WAN Secondary IP or X2
Original Destination: WAN Secondary IP or X2
Translated Destination: SharePoint Server (private)
Original Service: SharePoint Server (private) Services
Translated Service: Original
Inbound Interface: Any
Outbound Interface: Any
Comment: <whatever you want for documentation purposes>

Try this one last time...as I said it works perfectly on my end...if it still doesn't something is either not being followed or there is an issue with your SharePoint server. Do a Packet Capture to see what is happening to the packets.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
A recent project that involved parsing Tableau Desktop and Server log files to extract reusable user queries for use in other systems. I chose to use PowerShell to gather the data, and SharePoint to present it...
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question