Link to home
Start Free TrialLog in
Avatar of Rupert Eghardt
Rupert EghardtFlag for South Africa

asked on

SonicWALL TZ400: Firewall "Access Rules" not showing Incoming Rules

Hi Guys,

Our SonicWALL TZ400 recently only shows the outbound and loop-back rules.
The Inbound rules are no longer displayed on the Firewall / Access Rules page.

I believe this could just a setting?  It doesn't show all the rules even after selecting "Load All" ...
Avatar of CES
CES

Can you post a screenshot?
SonicWall uses a Zone to Zone based rule base.
With inbound, I assume you mean from WAN to LAN rules?
Are you in the LAN to WAN table instead of All to All ?
Avatar of Rupert Eghardt

ASKER

I clicked on the Matrix View button and selected All to All, still shows the same.

If you look at the screenshot as an example,
Only two of the three Exchange rules are being displayed
SonicWALL-Access-Rules.png
besides the Zone to Zone filter and the IP version filter in your firmware, there are no other filter options.
If a rule is missing, it's been deleted by some one?

Optionally you can use the Search bar and type in part of that you think it should say, e.g. exchange

rule 48 Webmail seems related, is that the rule you were looking for?
Unfortunately not the rule I am looking for.
Of all my access rules to each published server (3 x rules per server)
* only one rule is missing for each server.

What is strange is that all services are working as before.  It seems that the missing rules are only not being displayed, but they are somewhere?
could you give an example of which rule you are missing?
what would it have looked like?
Exactly which rule seems to be missing, given you have 2 WAN > LAN rules that you didn't black out? 1 related to Exchange, and 1 related to Webmail.

Another possible thing might involve the fact that you have WAN Interface IP configured in some of the rules. Do you have multiple ISPs? And if so, that rule might be covering both things, hence taking care of your concerns.
As an example, this is how the 3 x Exchange rules used to be:

Source Original:  Any
Source Translated:  LAN Interface IP
Destination Original:  X1 IP
Destination Translated:  MS Exchange Private
Service Original:  MS Exchange Services
Services Translated:  Original


Source Original:  Firewall Subnets
Source Translated:  X1 IP
Destination Original:  X1 IP
Destination Translated:  MS Exchange Private
Service Original:  MS Exchange Services
Services Translated:  Original

Source Original:  MS Exchange Private
Source Translated:  X1 IP
Destination Original:  Any
Destination Translated:  Original
Service Original:  MS Exchange Services
Services Translated:  Original
The first one appears to be a LAN > WAN rule. Could you please show those?
ASKER CERTIFIED SOLUTION
Avatar of J Spoor
J Spoor
Flag of Netherlands image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
these are not the rules you are looking for

the rules you are looking for are under Network > NAT Policies
Thanks J Spoor!

We upgraded the firmware and for some reason I got lost between access rules and NAT policies ;-)

I guess problem solved then ...
no problem, glad to be of service.

You would not be the first to confuse the two.
... Now under Policies, Rules, NAT Policies
TZ400.png
that's indeed the SonicOS 6.5 UI.

If you get lost on that, Left Bottom you will find an icon that turns the UI into the old style :)