sonicwall setup

In Sonicwall setup,  does NAT perform translation before check the firewall ,
or firewall rule run first and then do the NAT?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Shamil MohamedIT Infrastructure Engineer/IT Systems ManagerCommented:
I am not sure as I also new to sonicwall nsa2600.. But my logic is nat ing will be first then applies the policy..  taking decision port and ip then applies policy..
Muhammad BurhanManager I.T.Commented:
in any firewall network assets or procedures always come first at service.
because usually the rules which we are applying actually a filter between public and private network(LAN).
if natting doesn't occur, how the filter works ?
AXISHKAuthor Commented:
To clarify

1. NAT first  then
2. Firewall rule check,

correct .
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Blue Street TechLast KnightCommented:

No that is not true. It processes in this order:
1. Access Rules,
2. NAT Policy.

Access Rules are a security mechanism, whereas NAT is purely for translation sake. Security always comes before NAT Policies or any other non-security related mechanism. Now regarding the WAN configuration NAT'ing will take place before any Access Rule but that is not to be confused with the NAT Policies you'd setup for port forwarding.

You can test this. Setup a NAT policy without an Access Rule the traffic will go no where. Conversely, if you setup an Access Rule without a NAT policy the traffic will be allowed in and then die. They work together hand and hand with completely different duties and tasks.

Use the Wizard > Public Wizard to setup any port forwarding/open any ports on the's the most complete and comprehensive way to do so.

Make sense?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
diverseit is correct.  This is why you need firewall WAN>LAN rules to allow port communications to the public IP as well as WAN>LAN rules to allow port communications to the private IP.

While I have created them all manually for years, I am now getting old and lazy, and am of the opinion that the best solution is always to scrap your custom rules, just create the service objects and service groups, and then let the Sonicwall Wizard do the rest.  (Button on top right corner of web interface)

AXISHKAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.