Hello- We are migrating from a Sonicwall 3060 to an NSA 3600. We have 3 interfaces set up- X0 LAN, X1 WAN and X3 transparent DMZ. We have used the Server wizard to automatically create address objects, service objects and access rules, as well as NAT policies, for each server. All our servers are on the same subnet as the WAN interface. We have two questions:
1) The server wizard requires a public and private IP address. But since our servers are on the transparent DMZ, not on the LAN, we have entered the same public address for both fields in the wizard. The wizard completed successfully and gave no errors. Will this work when we bring the system online?
2) Some of the DMZ servers require a few services to be blocked from WAN access, but allowed from LAN access. We are not sure how to do this. If we use the wizard to create new access rules, NAT policies, etc it binds the access rules to the WAN/DMZ, so we cannot modify the Source field in the access rules, since it doesn't apply to the LAN. We are trying to avoid creating this manually since frankly we are not sure how the NAT policies work, and would rather let the wizard create them automatically.
Any help would be appreciated. This is for an educational organization with about 200 users.