Solved

Sonicwall secondary WAN setup for RDP only access

Posted on 2014-02-05
4
1,370 Views
Last Modified: 2014-02-20
Greetings,
I currently have a sonicwall TZ100 with one primary WAN connection (sonicwall port X1).
I will be adding a 2nd ISP to use as secondary WAN connection (port X2)  to the Sonicwall for the specific purpose of allowing remote users to RDP into the office to a specific RDP Server IP address.
 I don't want the internal LAN office users to utilize this 2nd ISP due to traffic issues.

 The RDP Server needs to maintain the same LAN subnet to allow RDP users access to office LAN resources.

Ideally the RDP Server IP Address will only utilize the Sonicwall X2 Port for WAN access and the office users will continue to utilize the sonicwall X1 port for WAN access.

Any direction and/or suggestions regarding the direction to take to configure this is appreciated.

Thank you in advance for your help.
0
Comment
Question by:COM1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 8

Assisted Solution

by:N-W
N-W earned 240 total points
ID: 39837972
This is how I'd do it:

1) Configure secondary WAN connection on X2
2) Disable Failover/Load-Balancing
3) Delete the automatically generated NAT rules which allow NAT on X2
4) Configure 1-to-1 NAT between your RDS and X2's public WAN IP
5) Add the required inbound firewall rule to allow RDP through the X2 interface

Let me know if you need further explanation on these steps.
0
 
LVL 1

Accepted Solution

by:
Lajan Jaleel earned 260 total points
ID: 39838026
Dear COM1,

I believe these are the steps:

* Add X2 interface into your WAN ZONE under ZONE configuration

* configure X2 interface. Once you add your X2 into WAN zone you can see the WAN options enabled in the interface.

*Disable Failover/Load Balancing

*Delete the NAT rule for X2 (auto generarted)

* Go to Wizard (On top right hand side)
Public Server Wizard >>>Specify the WAN IP >>>>> Specify the Internal Server IP>>>> Specify RDP protocol.

I think this will help you.

Regards,
LAJAN JALEEL
0
 

Author Comment

by:COM1
ID: 39849255
Thank you N-W and Lajan_Jaleel for responding - sorry for my late reply.

I have configured the NAT rule per your suggestions and I can successfully RDP (with custom port) directly to my RDP server from my 2nd ISP.

The only problem I have after successfully configuring the above desired scenario is that I no longer have internet access on the RDP Server.
I cannot ping any public IP address from the RDP server.
I wanted to access the website www.ipcow.com to ensure I was utilizing the correct WAN IP address to access my RDP Server.

Is there a way, once logged into my RDP server, I can "test" and "verify" that I am indeed using the 2nd WAN on the sonicwall Port X2 without internet access?

Are there additional settings that need to be configured to allow the RDP server to access the internet after configuring the above scenario?

The Remote users only need access an internal LAN program off the Server and don't need web access from the RDP server. I'm not sure at this point if not having internet access on the RDP server will be an issue for the users.

Thank you for your time.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question