Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Opening up ports and Setting up port forwarding on Sonicwall.

Posted on 2014-03-26
8
Medium Priority
?
535 Views
Last Modified: 2014-03-27
It's been a while since i have done FW config.
I need to allow people access a users pc on port 96 for a piece of SW they are trialing.
Can you advise on the steps ?

I have setup an access rule for traffic coming in on any interface on port 96 to be allowed through to the users IP. How do i setup port forwarding and have i correctly confirgure part 1 here ?
0
Comment
Question by:netsupport2014
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 1

Expert Comment

by:Dan130
ID: 39956673
what sonicwall NSA are you running and firmware? install telnet to check if ports you are opened correctly.
0
 

Author Comment

by:netsupport2014
ID: 39956692
Model = TZ 170 Enhanced
Firmware = SonicOS Enhanced 3.2

Telnet not connecting.
0
 
LVL 9

Accepted Solution

by:
BigPapaGotti earned 2000 total points
ID: 39957232
You did the first part right by adding the ACL to permit the traffic, make sure that you did it for the right ACL of WAN>LAN assuming that the user's machine is located on the LAN zone.

The next step you need to do is setup a NAT Policy so that it will automatically forward the correct ports to the host's machine. Below is the jist of accomplishing this:


Login to the Sonicwall.
Create a new NAT policy that will be similar to the settings below:
Original Source: Any
Translated Source: Original
Original Destination: WAN Primary IP
Translated Destination: IP OF YOUR USERS COMPUTER
Original Service: PORT NUMBER YOUR HOST IS Listening on (96)
Translated Service: Original
Inbound Interface: X1
Outbound Interface: Any
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:netsupport2014
ID: 39957360
I have done that to the best of my knowledge now and sadly still no luck.

To confirm I can browse to this PC internally from another machine using http://192.168.1.37:96/logon and i get splash screen.

After adding rules and policy above I still can't access the splash screen from outside site.
Using  http://87.xxx.xxx.114:96/logon from my browser as test.

Telnetting and Scanning using http://www.yougetsignal.com/tools/open-ports/ are saying port 96 is still closed. Am i missing something ?

NAT Access Ruletesting
0
 
LVL 9

Expert Comment

by:BigPapaGotti
ID: 39957816
on your nat policy try adjusting it so that the interfaces are specific. such as incoming is your external/public interface and then your outgoing interface is your internal/private interface that your host connects to.
0
 

Author Comment

by:netsupport2014
ID: 39957904
Tried Setting Incoming as Wan and Outgoing as LAN but still no joy. Could there be something overriding this rule ?
0
 
LVL 9

Expert Comment

by:BigPapaGotti
ID: 39958580
There could be a prior ACL that is matching the traffic based on the criteria. If you hover your mouse over the "statistics icon" on your ACL (looks like little bar graphs) this will let you know if your ACL is having any matches if these numbers increment. I would look at your ACL list for WAN>LAN to see what is before it and if possible move up the ACL towards the top. You could always add a temporary permit Any/Any to see if the NAT policy works this will let you know if it is something with the firewall or if this is something with the NAT policy/something else causing the issue.

Also try looking at the logs when you attempt to do this to see if there is anything that jumps out at you showing where the traffic is denied.

I also just looked at my SonicWALL and I see that on my Firewall I have Any Source and Any Destination then my associated services. Perhaps try this and see what your outcome will be. SonicWALLs tend to act oddly at times so be sure to change one thing at a time and then test it out so you know exactly what change resolved the issue.

Be sure to post back your findings
0
 

Author Comment

by:netsupport2014
ID: 39960152
Great stuff. After doing the reviews you suggested i spotted the problem. I think the fact i had tried to get it working so many times i forgot to retrace steps and made too many changes all at once. So i went back to the start and it's working now. Thanks a lot for your help !!!!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question