?
Solved

Access Rule in Sonicwall

Posted on 2013-10-30
4
Medium Priority
?
777 Views
Last Modified: 2013-10-30
Under Access rule in Sonicwall Pro 4060, an access rule has been created flowing from WAN to LAN zone and the destination is defined as WAN IP address.

As the flow is from WAN, I suppose the source IP should be WAN IP address. Why is appeared like this ?

Tks
Test.png
0
Comment
Question by:AXISHK
  • 2
4 Comments
 
LVL 29

Assisted Solution

by:Blue Street Tech
Blue Street Tech earned 1000 total points
ID: 39610889
Hi AXISHK,

Yes, your rule in the attachment should be set to the WAN Primary IP or WAN IP rather than the numerical value of your IP, if possible (the Pro 4060 is an older model so it may only allow for the numerical IP value).

The WAN > LAN deny rule is what makes your firewall a firewall. You should have those in any Zone you want by default blocked (typically the WAN > {firewalled subnet, e.g. LAN, DMZ, WLAN, etc.}). The Destination should actually be Any because it will block all WAN IPs that way.

Your default deny Access Rule should read as follows:

From: WAN
To: LAN
Priority: <lowest, if you have 3 Access Rules here it should be last or in this case #3>
Source: Any
Destination: Any
Service: Any
Action: Deny or Discard
Users Incl.: All
Users Excl.: None
Comment: <whatever you want to document this rule>

Let me know if you have any questions!
0
 
LVL 17

Accepted Solution

by:
Sajid Shaik M earned 1000 total points
ID: 39610897
it means external traffice coming from the WAN traffic from the IP (Destination=113.2.x.x) allow to lan on specific service... (could be RDP)

guided article :
http://support.microsoft.com/kb/304304

all the best
0
 

Author Closing Comment

by:AXISHK
ID: 39611110
Tks
0
 
LVL 29

Expert Comment

by:Blue Street Tech
ID: 39612761
Glad I could help...thanks for the points!
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

599 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question