Solved

Sonicwall secondary WAN setup for RDP only access

Posted on 2014-02-05
Last Modified: 2014-02-20
Greetings,
I currently have a SonicWall TZ100 with one primary WAN connection (SonicWall port X1).
I will be adding a 2nd ISP to use as secondary WAN connection (port X2) to the SonicWall for the specific purpose of allowing remote users to RDP into the office to a specific RDP Server IP address.
I don't want the internal LAN office users to utilize this 2nd ISP due to traffic issues.

The RDP Server needs to maintain the same LAN subnet to allow RDP users access to office LAN resources.

Ideally the RDP Server IP Address will only utilize the SonicWall X2 Port for WAN access and the office users will continue to utilize the SonicWall X1 port for WAN access.

Any direction and/or suggestions regarding the direction to take to configure this is appreciated.

Thank you in advance for your help.
Question by:COM1
4 Comments
 

Assisted Solution

by:N-W
N-W earned 240 total points
ID: 39837972
This is how I'd do it:

1) Configure secondary WAN connection on X2
2) Disable Failover/Load-Balancing
3) Delete the automatically generated NAT rules which allow NAT on X2
4) Configure 1-to-1 NAT between your RDS and X2's public WAN IP
5) Add the required inbound firewall rule to allow RDP through the X2 interface

Let me know if you need further explanation on these steps.

Accepted Solution

by:
Lajan Jaleel earned 260 total points
ID: 39838026
Dear COM1,

I believe these are the steps:

* Add X2 interface into your WAN ZONE under ZONE configuration

* Configure X2 interface. Once you add your X2 into WAN zone you can see the WAN options enabled in the interface.

* Disable Failover/Load Balancing

* Delete the NAT rule for X2 (auto generated)

* Go to Wizard (on top right hand side)
Public Server Wizard >>> Specify the WAN IP >>> Specify the Internal Server IP >>> Specify RDP protocol.

I think this will help you.

Regards,
LAJAN JALEEL

Author Comment

by:COM1
ID: 39849255
Thank you N-W and Lajan_Jaleel for responding - sorry for my late reply.

I have configured the NAT rule per your suggestions and I can successfully RDP (with custom port) directly to my RDP server from my 2nd ISP.

The only problem I have after successfully configuring the above desired scenario is that I no longer have internet access on the RDP Server.
I cannot ping any public IP address from the RDP server.
I wanted to access the website www.ipcow.com to ensure I was utilizing the correct WAN IP address to access my RDP Server.

Is there a way, once logged into my RDP server, I can "test" and "verify" that I am indeed using the 2nd WAN on the SonicWall Port X2 without internet access?

Are there additional settings that need to be configured to allow the RDP server to access the internet after configuring the above scenario?

The remote users only need to access an internal LAN program off the Server and don't need web access from the RDP server. I'm not sure at this point if not having internet access on the RDP server will be an issue for the users.

Thank you for your time.
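
One way to confirm from outside the office that RDP answers only on the X2 public address and not on X1, as an added example that is not part of the original thread. The addresses and port are constructed placeholders, and the function names `probe_rdp` and `audit` are illustrative; run it from a host on the internet side, not from the LAN.

```python
import socket

# First packet an RDP client sends: TPKT header + X.224 Connection Request
# carrying an RDP negotiation request.
RDP_CONNECT_REQ = bytes.fromhex(
    "03000013"          # TPKT: version 3, total length 19
    "0ee00000000000"    # X.224 Connection Request
    "0100080003000000"  # RDP_NEG_REQ offering TLS and CredSSP
)

def probe_rdp(host, port, timeout=3.0):
    """Classify host:port as 'rdp', 'open-not-rdp' or 'closed'."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"  # refused, filtered (timed out) or unreachable
    with sock:
        try:
            sock.sendall(RDP_CONNECT_REQ)
            reply = sock.recv(64)
        except OSError:
            reply = b""  # connected, but no answer to the RDP request
    # An RDP listener answers with TPKT version 3 and X.224 Connection Confirm (0xD0).
    if len(reply) >= 6 and reply[0] == 3 and (reply[5] & 0xF0) == 0xD0:
        return "rdp"
    return "open-not-rdp"

def audit(targets, timeout=3.0):
    """Return (label, expected, actual) for every target that differs from policy."""
    findings = []
    for label, host, port, expected in targets:
        actual = probe_rdp(host, port, timeout)
        if actual != expected:
            findings.append((label, expected, actual))
    return findings

if __name__ == "__main__":
    # Constructed placeholders (documentation address ranges and a made-up port):
    # substitute your own X1/X2 public IPs and the custom RDP port.
    targets = [
        ("X2 secondary WAN", "203.0.113.10", 50389, "rdp"),
        ("X1 primary WAN", "198.51.100.10", 50389, "closed"),
    ]
    for label, expected, actual in audit(targets):
        print(f"MISMATCH {label}: expected {expected}, got {actual}")
```

An empty result means both WAN addresses behave as intended; a firewall that silently drops the connection is reported as `closed` once the timeout expires.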