Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Sonicwall TZ 105 allow Lan to pull file from DMZ

Posted on 2014-03-28
13
Medium Priority
?
654 Views
Last Modified: 2014-03-29
Have a Sonicwall TZ105 and the client needs to be able to run a batch file on the LAN side that will pull a file from the DMZ side. This is done periodically based on a task on the LAN Side computer.

What is the best way to do this
0
Comment
Question by:911bob
  • 8
  • 5
13 Comments
 
LVL 11

Accepted Solution

by:
Miftaul earned 2000 total points
ID: 39963236
Access from LAN to DMZ is allowed. So it should work just fine without any additional configuration.
0
 

Author Comment

by:911bob
ID: 39963830
Thats what I thought.. but its not..

Everything is open from LAN to DMZ and Everything is denied from DMZ to LAN

Is there any NAT setting that has to be applied?

Trying to browse to a computer on that side using \\192.168.11.14\
0
 

Author Comment

by:911bob
ID: 39963831
If I open the DMZ>Lan for all then the DMZ can browse to the lan side
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 11

Expert Comment

by:Miftaul
ID: 39963837
Do you mean you want to access a lan resource from dmz. We can limit the access by selectively allowing any ip for selective services.
0
 

Author Comment

by:911bob
ID: 39963842
NO, From the LAN Side I cannot open the DMZ side
0
 

Author Comment

by:911bob
ID: 39963850
lan is 192.168.68.X

DMZ is 192.168.11.X

Trying to open \\192.168.11.14\ from LAN TO dmz

Oddly if I open everything from DMZ to LAN, then I cna ping and can open \\192.168.68\14\ from the DMZ Side.
0
 

Author Comment

by:911bob
ID: 39963858
2 03/29/2014 10:47:11.832 Notice Network Access UDP packet dropped 192.168.11.14, 137, X4 192.168.68.224, 137, X0 UDP NetBios UDP    
3 03/29/2014 10:47:09.736 Notice Network Access TCP connection dropped 192.168.11.14, 49166, X4 192.168.68.224, 445, X0 TCP SMB    
4 03/29/2014 10:38:27.832 Notice Network Access TCP connection dropped 192.168.11.14, 49371, X4 192.168.68.224, 445, X0 TCP SMB    
5 03/29/2014 10:38:14.304 Notice Network Access ICMP packet dropped due to policy 192.168.11.14, 1, X4 192.168.68.224, 8, X0 ICMP Echo, Code: 0

From log file
0
 

Author Comment

by:911bob
ID: 39963862
Well.. now it decided to start working..

Go figure..

I added an ICMP rule on the DMZ to the LAN to allow, Did a ping, and it worked..
I then turned off the ALLOW all from DMZ to LAn and it still works..

I gues patience plays a part.
0
 

Author Closing Comment

by:911bob
ID: 39963864
Thanks for your help
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39963865
So the Firewall Access rule from LAN to DMZ is allowed but you can not initiatate a connection from lan to dmz, is that what you experiancing. Please allow the required type of services from lan to dmz if its not already there.

Return traffic from dmz to lan will be allowed.
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39963869
The log shows you are initiating the connection from dmz to lan, where it should've been the other way, init.
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39963900
Good that it works. Thanks.
0
 

Author Comment

by:911bob
ID: 39964020
I am fairly sure it was a windows firewall issue on the DMZ Side
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Netscaler #MSSQL #Load Balance
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Enter Foreign and Special Characters Enter characters you can't find on a keyboard using its ASCII code ... and learn how to make a handy reference for yourself using Excel ~ Use these codes in any Windows application! ... whether it is a Micr…
Suggested Courses
Course of the Month13 days, 6 hours left to enroll

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question