?
Solved

Sonicwall  NSA 3500 - public server wizard results in dropped packets

Posted on 2013-12-31
5
Medium Priority
?
672 Views
Last Modified: 2014-01-01
I have a sonicwall NSA 3500 sitting at a collocation center.
x0, Lan, 10.1.22.64/24, sits on lan vlan
x1, Wan, 75.75.210.234/24, sits on wan vlan
x2, Dmz, bridged x1, sits on dmz vlan (works fine)

I have a private server,  10.1.22.48 that I want to redirect 75.75.210.227 port 80, 443 requests to.  I've used the public server wizard and it only results in Drop Code 32 Module Id 26 in packet monitor.  I cannot for the life of me get these requests to be accepted and translated.

I have a similar configuration that I used public server to setup for 75.75.210.234->10.1.22.11 and it works great.  Just this new public + private IP do not work.  The private server is accepting requests on both ports.

I have an email server with a public IP on the DMZ vlan that works fine too, although it isn't using public server wizard settings, just firewall rules to allow the traffic through.
0
Comment
Question by:kzsigo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 11

Expert Comment

by:Miftaul
ID: 39749422
What is the SonicOS version.

You have /24 address for WAN, wow.
0
 
LVL 17

Accepted Solution

by:
lruiz52 earned 750 total points
ID: 39749425
Don't use the wizard and try to do it manually, first create network objects for servers external and internal addresses, then create a 1-to-1 nat policy for incoming traffic, then create an access rule for incoming top 80 and 443 traffic.

Check the link below for how to

http://www.firewalls.com/blog/sonicwall-open-ports/
0
 
LVL 11

Assisted Solution

by:Miftaul
Miftaul earned 750 total points
ID: 39749719
The meaning of SonicWall Dropcode and Module ID varies with firmware version. On SonicOS Enhanced 5.8.1.9-43o, Drop Code 32 means "Invalid connection cache", Module Id 26 means Network.

"Drop Code 32 Module Id 26" relates to dropped SSH/HTTPS session.

For more information on Drop Code and Module ID on SonicOS - Here

Sonicwall support documentation on port forwarding - Here
0
 

Author Comment

by:kzsigo
ID: 39749828
I tried deleting all of the wizard rules, address objects, and setting them up manually but it did not take, same result.  

I saw the names behind the codes document, but I don't know how to solve the connection cache issue.  It's not the standard firewall blocked rule.  

I changed my DMZ X2 to Transparent mode, and my public servers all of a sudden work; I don't get the drop code, and the packets are forwarded/natted, even load balanced.  

However, now the server that is on the DMZ cannot communicate out X1 (originating from X2).   I'll ask a new question for that.  Thanks.
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39749839
Please inform the SonicOS firmware version with your question.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A Wildcard Certificate means all of your sub-domains will resolve to the same location, regardless of the non-SSL Document-Root specification. A user will need to purchase a wildcard SSL from a vendor or a reseller that supplies them. Similar to ha…
This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question