Public IPs assigned to Sonicwall

My Sonicwall connect to a ISP router. The provider provide 2 set of public IPs.

How can my sonicwall use these two set of public IP address ? Currently, one public IP has been binded to a WAN link of sonicwall but I have no idea how to make use of another one ?

Tks
AXISHKAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lruiz52Commented:
WIth the other IP you can setup 1 to 1 Nat to access an internal server or setup PAT to access services on diffrent internal servers like ftp or RDP

check out this Video, it explains NAT Policies.
https://www.youtube.com/watch?v=lu1G32f1vfc
AXISHKAuthor Commented:
Suppose my ISP give me two public IP range :

203.198.xxx.xx / 29       (6 hosts)
113.28.xxx.xx     / 29        (6 hosts)

Currently, my firewall has already use 203.198.xxx.1 (as my Sonicwall WAN) and 203.198.xxx.2 for my router.

But, how can I make use the other subnet on my Sonicwall to use the other 113.28.xxx.xx subnet ?

Tks
Blue Street TechLast KnightCommented:
Hi AXISHK,

You can take advantage of the entire range by defining them in Address Objects. This is how your breakdown will be for this example.

CIDR Network:               203.198.1.0/29
Network Address/ID:    203.198.1.0
First Host Address:       203.198.1.1
Last Host Address:       203.198.1.6
Broadcast Address:      203.198.1.7

Typically, you'll bind the First available IP or First Host to the WAN (203.198.1.1) in your X1 port. To utilize the other Hosts/IPs (113.28.1.3- 113.28.1.6) simply create Address Objects such as X1 (.3), X1 (.4)...and so on (or whatever you want to name them - it doesn't matter as long as you know what they mean).

Then you can use those Address Objects in your firewall for Access Rules, NAT Policies etc. You can setup DNS records (A Records, etc.) in your external DNS servers to route the traffic accordingly. For example, if you wanted to use your third available IP for RDS traffic you could setup something like rds.domain.com (113.28.1.3) then in your firewall create the appropriate Access Rules and NAT policies to route the traffic to your RDS server internally. I'd recommend to do so via the Wizard > Public Wizard.

Let me know if you have any other questions!
Need More Insight Into What’s Killing Your Network

Flow data analysis from SolarWinds NetFlow Traffic Analyzer (NTA), along with Network Performance Monitor (NPM), can give you deeper visibility into your network’s traffic.

AXISHKAuthor Commented:
My provider provide me with two non-contingent subnet.

 We have already binded 203.198.xxx.1 as my Sonicwall WAN with gateway 203.198.xxx.2 (my router).

As the ISP provider another different subnet, which is 113.28.xxx.xx  / 29. How can I make use of this subnet ?
Blue Street TechLast KnightCommented:
So you have a 10 pack of static IPs and this is how they distributed them to you in two different IP blocks?

If that is the case I'd contact your ISP but I'm thinking that they have bound both subnets to their equipment so that you should be able to get both networks on the same uplink to their router. Check with them but if I'm correct, then simply do what I said in my last comment but with the new subnet as well. Maybe for the Address Object Naming something like X1 1st block (.3), X1 2nd block (.3)...etc.
AXISHKAuthor Commented:
To clarify my understanding,

Two subnet range
203.198.xxx.xx / 29       (6 hosts)
113.28.xxx.xx     / 29        (6 hosts)

Sonicwall WAN    : 203.198.xxx.1  
ISP router            : 203.198.xxx.2

So, I can simply setup other public IP (113.28.xxx.xx), similar to 203.198.xxx.xx without need to anything on the WAN link, correct ?

Tks
Benjamin Van DitmarsSr Network EngineerCommented:
Normaly you only need to add an arp entry with the subnet and bind it to youre wan mac
then add network objects for the ip addresses.

after this you can use them for natting

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
AXISHKAuthor Commented:
Tks
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.