Solved

SonicWALL NAT configuration

Posted on 2016-07-25
9
72 Views
Last Modified: 2016-08-01
Hi Guys,

I have two web servers behind a SonicWall TZ400 and two seperate public IP's coming in.
I would like to publish the one server on public IP-1 and the other on public IP-2.

I've tried a couple of scenarios, but the packet destination address show as the WAN address of the SonicWALL router
(doesn't show the original public IP address)

There is another router infront of the SonicWALL and this router is natting through from the internet to the SonicWall.

Am I correct in thinking the "front-end' router is removing the "original destination" from the incoming packets?

Is there any way redirecting incoming traffic in the SonicWALL based on "original destination" (Public IP)?
0
Comment
Question by:Rupert Eghardt
  • 5
  • 4
9 Comments
 
LVL 22

Assisted Solution

by:David Atkin
David Atkin earned 500 total points
ID: 41727571
Hi there,

Have you configured the additional WAN addresses on your Sonicwall?

If so, you should be able to do this via the 'Public Server' Wizard in the top right of the sonicwall.

It will ask you to specify the external public IP address and then the local internal server address.

It would be strange for your ISP to be altering any of the destination packets.
0
 

Author Comment

by:Rupert Eghardt
ID: 41727578
Thanks David,

I published 2 x servers via the 'Public Server' Wizard.
Each on it's own public IP.  The wizard created two network objects for the public IP's.

I couldn't access the servers externally with the NAT's created by the wizard.
I checked the packet monitor and it shows Dst=[192.168.1.4]
This is the local WAN address of the SonicWALL.

After changing my NAT rule from public-IP to "WAN Interface IP", the server was accessible from the internet.
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 41728869
Hi Rupert,

Just to confirm, is this now resolved?
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Comment

by:Rupert Eghardt
ID: 41728890
Not yet, I suspect the ISP is translating the traffic, thus packet losing the public IP ...
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 41728908
If thats the case then you will need to contact them to get it confirmed. It would be a strange thing for them to do though!
0
 

Author Comment

by:Rupert Eghardt
ID: 41728940
Could there be any other reason why the packet monitor would display original destination as
Dst=[192.168.1.4] ?

I've inspected the packet data and don't see the public IP anywhere?
0
 

Accepted Solution

by:
Rupert Eghardt earned 0 total points
ID: 41732033
I believe the ISP is translating the public IP to private IP, public IP not accessible after the ISP DSL router.
Only solution is to setup two seperate networks in ISP DSL router, translating to two seperate private IP's.  Current DSL router not equipped for two interfaces, applied for router upgrade.
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 41732860
Thank you for letting us know the solution.  Glad you managed to resolve your problem.
0
 

Author Closing Comment

by:Rupert Eghardt
ID: 41737183
Problem not solved, applied for DSL router upgrade, will be using two private IP's from DSL router.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question