SlideShare ist ein Scribd-Unternehmen logo

Configuring sonic wall__port_forwarding

Helmer Villarreal
Helmer Villarreal

CONFIGURACION FIREWALL SONICMAL TZ200

Technologie
1 von 7
Downloaden Sie, um offline zu lesen
VPN Configuring Port Forwarding with the SonicWALL Product SonicOS Standard and Enhanced Introduction This tech note provides information on how to configure your SonicWALL firewall for port forwarding of FTP, SMTP and DNS. Port forwarding is used when you have internal servers that need to be accessible by the public and you have limited public IP addresses. Therefore, a one-to-one NAT is not possible or not desired. In this scenario, only one public IP address is given and it is assigned to the SonicWALL WAN interface. However, we have three servers, one running FTP, one running SMTP and one running DNS that needs to be accessible by the public, as illustrated in the diagram below. Co
2 Configuration • Port forwarding for FTP with Standard firmware: 1. In the Management UI, click on Firewall and open the Access Rules settings page. 2. Click on Add. 3. In the Rule Setting window, configure the following. Action: Allow Service: FTP Source: * Address Range: * Destination: LAN Address Range: 192.168.168.10 Comment: Port Forwarding for FTP server. 4. Click on Ok. • Port forwarding for SMTP with Standard firmware: 1. In the Management UI, click on Firewall and open the Access Rules settings page. 2. Click on Add. 3. In the Rule Setting window, configure the following. Action: Allow Service: Send E-Mail (SMTP) Source: * Address Range: * Destination: LAN Address Range: 192.168.168.11 Comment: Port Forwarding for SMTP server. 4. Click on Ok. • Port forwarding for DNS with Standard firmware: 1. In the Management UI, click on Firewall and open the Access Rules settings page. 2. Click on Add. 3. In the Rule Setting window, configure the following.
3 Action: Allow Service: Name Service (DNS) Source: * Address Range: * Destination: LAN Address Range: 192.168.168.12 Comment: Port Forwarding for DNS server. 4. Click on OK. • Port forwarding for FTP with Enhanced firmware: 1. In the Management UI, click on Firewall and open the Access Rules settings page. 2. In the Access Rules matrix, click on from WAN to LAN. 3. Click on Add. 4. In the Rule Setting window, configure the following. Action: Allow Service: FTP (ALL) Source: Any Destination: WAN Interface IP Comment: Port Forwarding for FTP server. 5. Click on OK. 6. In the Management UI, click on Network and open the Address Objects page. 7. In the Address Objects section, click on Add. 8. In the Address Object window, configure the following. Name: FTP Server Zone Assignment: LAN Type: Host
4 IP Address: <IP address of server > 9. Click on OK. 10. In the Management UI, click on Network and open the NAT Policies page. 11. Click on Add. 12. In the NAT Policy Settings window, configure the following. Original Source: Any Translated Source: Original Original Destination: WAN Interface IP Translated Destination: FTP Server <Address Object created in Steps 6-9> Original Service: FTP(ALL) Translated Service: Original Inbound Interface: WAN Outbound Interface: Any Comment: Port Forwarding for FTP server. Enable NAT Policy: Checked
5 13. Click on OK. • Port forwarding for SMTP with Enhanced firmware: 1. In the Management UI, click on Firewall and open the Access Rules settings page. 2. In the Access Rules matrix, click on from WAN to LAN. 3. Click on Add. 4. In the Rule Setting window, configure the following. Action: Allow Service: SMTP (Send E-Mail) Source: Any Destination: WAN Interface IP Comment: Port Forwarding for SMTP server. 5. Click on OK. 6. In the Management UI, click on Network and open the Address Objects page. 7. In the Address Objects section, click on Add. 8. In the Address Object window, configure the following. Name: SMTP Server Zone Assignment: LAN Type: Host IP Address: 192.168.168.11 9. Click on OK. 10. In the Management UI, click on Network and open the NAT Policies page. 11. Click on Add. 12. In the NAT Policy Settings window, configure the following. Original Source: Any Translated Source: Original Original Destination: WAN Interface IP
6 Translated Destination: SMTP Server <Address Object created in Steps 6-9> Original Service: SMTP (Send E-Mail) Translated Service: Original Inbound Interface: WAN Outbound Interface: Any Comment: Port Forwarding for SMTP server. Enable NAT Policy: Checked 13. Click on OK. • Port forwarding for DNS with Enhanced firmware: 14. In the Management UI, click on Firewall and open the Access Rules settings page. 15. In the Access Rules matrix, click on from WAN to LAN. 16. Click on Add. 17. In the Rule Setting window, configure the following. Action: Allow Service: DNS (Name Service) Source: Any Destination: WAN Interface IP Comment: Port Forwarding for DNS server. 18. Click on OK. 19. In the Management UI, click on Network and open the Address Objects page. 20. In the Address Objects section, click on Add. 21. In the Address Object window, configure the following. Name: DNS (Name Service) Zone Assignment: LAN Type: Host IP Address: 192.168.168.12 22. Click on OK. 23. In the Management UI, click on Network and open the NAT Policies page. 24. Click on Add. 25. In the NAT Policy Settings window, configure the following. Original Source: Any Translated Source: Original Original Destination: WAN Interface IP Translated Destination: DNS Server <Address Object created in Steps 6-9> Original Service: DNS (Name Service) Translated Service: Original Inbound Interface: WAN Outbound Interface: Any Comment: Port Forwarding for DNS server. Enable NAT Policy: Checked 26. Click on OK.
7 Verification • Once the configuration is completed, you should be able to access the appropriate server via the WAN IP address of the firewall and the type of service from the Internet. Troubleshooting • Make sure the service is started on the server and is listening on the correct port. • Check the firewall access rules to make sure there are no rules with a higher priority than the rules you created above that will deny the access from the public. • If you are using Enhanced firmware, in the Management UI, click on Network and open the NAT Policies page. Then go to the NAT policy you created and click on the Traffic Statistic icon as depicted in the picture below. The counters should increment as you test your port forwarding configurations. If the counters do not increment, check the NAT polices above it to make sure that no other high priority policy is affecting it. • Check the firewall logs to see if there are any dropped packets pertaining to the port forwarding you configured. The logs can be viewed by going to Log > View in the Management UI. Related Documents For more information, refer to the following SonicWALL Technotes on www.sonicwall.com/support/documentation: 1. SonicOS Enhanced: Using a Secondary Public IP Range for NAT 2. SonicOS Enhanced: Configuring the SonicWALL DHCP for GVC 3. Configuring the SonicWALL DHCP for GVC 4. Terminating the WAN GroupVPN and Using VPN Access in SonicOS Enhanced 5. Terminating the WAN GroupVPN to the LAN/DMZ using SonicOS Standard 6. Typical DMZ Setups with FTP, SMTP, and DNS Servers 7. Using the SonicOS Enhanced Wizard To Configure a Public Server 8. Common Issues with GVC 9. Network Browsing with IP Helper NetBIOS Relay 10. Creating One-to-One NAT Policies in SonicOS Enhanced 11. SonicOS Enhanced: Three Types of Network Modes Document Last Updated:11/06/06

Empfohlen

SonicWall VPN Configuration
SonicWall VPN ConfigurationSonicWall VPN Configuration
SonicWall VPN Configurationneweb
 
Basic tp link configure
Basic tp link configureBasic tp link configure
Basic tp link configureSambath Hem
 
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730Netgear Italia
 
Air Live Rs 1200
Air Live Rs 1200Air Live Rs 1200
Air Live Rs 1200guest52b3f5
 
The feature licenses available for main cisco asa 5500 models
The feature licenses available for main cisco asa 5500 modelsThe feature licenses available for main cisco asa 5500 models
The feature licenses available for main cisco asa 5500 modelsIT Tech
 
Setup NanoStation M2 (NSM2) in AP WDS mode (Access Point with WDS) for Wi-Fi ...
Setup NanoStation M2 (NSM2) in AP WDS mode (Access Point with WDS) for Wi-Fi ...Setup NanoStation M2 (NSM2) in AP WDS mode (Access Point with WDS) for Wi-Fi ...
Setup NanoStation M2 (NSM2) in AP WDS mode (Access Point with WDS) for Wi-Fi ...Tũi Wichets
 
Webinar NETGEAR - Linee guida per il disegno di una rete wireless a elevate p...
Webinar NETGEAR - Linee guida per il disegno di una rete wireless a elevate p...Webinar NETGEAR - Linee guida per il disegno di una rete wireless a elevate p...
Webinar NETGEAR - Linee guida per il disegno di una rete wireless a elevate p...Netgear Italia
 
Webinar NETGEAR - Switch Prosafe PoE, come dimensionare opportunamente la rete
Webinar NETGEAR - Switch Prosafe PoE, come dimensionare opportunamente la reteWebinar NETGEAR - Switch Prosafe PoE, come dimensionare opportunamente la rete
Webinar NETGEAR - Switch Prosafe PoE, come dimensionare opportunamente la reteNetgear Italia
 

Empfohlen

SonicWall VPN Configuration
SonicWall VPN ConfigurationSonicWall VPN Configuration
SonicWall VPN Configurationneweb
 
Basic tp link configure
Basic tp link configureBasic tp link configure
Basic tp link configureSambath Hem
 
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730Netgear Italia
 
Air Live Rs 1200
Air Live Rs 1200Air Live Rs 1200
Air Live Rs 1200guest52b3f5
 
The feature licenses available for main cisco asa 5500 models
The feature licenses available for main cisco asa 5500 modelsThe feature licenses available for main cisco asa 5500 models
The feature licenses available for main cisco asa 5500 modelsIT Tech
 
Setup NanoStation M2 (NSM2) in AP WDS mode (Access Point with WDS) for Wi-Fi ...
Setup NanoStation M2 (NSM2) in AP WDS mode (Access Point with WDS) for Wi-Fi ...Setup NanoStation M2 (NSM2) in AP WDS mode (Access Point with WDS) for Wi-Fi ...
Setup NanoStation M2 (NSM2) in AP WDS mode (Access Point with WDS) for Wi-Fi ...Tũi Wichets
 
Webinar NETGEAR - Linee guida per il disegno di una rete wireless a elevate p...
Webinar NETGEAR - Linee guida per il disegno di una rete wireless a elevate p...Webinar NETGEAR - Linee guida per il disegno di una rete wireless a elevate p...
Webinar NETGEAR - Linee guida per il disegno di una rete wireless a elevate p...Netgear Italia
 
Webinar NETGEAR - Switch Prosafe PoE, come dimensionare opportunamente la rete
Webinar NETGEAR - Switch Prosafe PoE, come dimensionare opportunamente la reteWebinar NETGEAR - Switch Prosafe PoE, come dimensionare opportunamente la rete
Webinar NETGEAR - Switch Prosafe PoE, come dimensionare opportunamente la reteNetgear Italia
 
Air Live POE-GSH2004l-370 - Especificaciones
Air Live POE-GSH2004l-370 - EspecificacionesAir Live POE-GSH2004l-370 - Especificaciones
Air Live POE-GSH2004l-370 - Especificacioneslcdtcorp
 
IP-PBX with Raspberry Pi3
IP-PBX with Raspberry Pi3IP-PBX with Raspberry Pi3
IP-PBX with Raspberry Pi3Doni Kuswaryadi
 
Gpon omci v2__voice_configuration_introduction_omciv2_v2_pt_telkom
Gpon omci v2__voice_configuration_introduction_omciv2_v2_pt_telkomGpon omci v2__voice_configuration_introduction_omciv2_v2_pt_telkom
Gpon omci v2__voice_configuration_introduction_omciv2_v2_pt_telkomWahyu Nasution
 
66_pfSenseTutorial
66_pfSenseTutorial66_pfSenseTutorial
66_pfSenseTutorialtutorialsruby
 
How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...
How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...
How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...SaNju MuLak
 
Aruba OS 7.3 Command Line Interface Reference Guide
Aruba OS 7.3 Command Line Interface Reference GuideAruba OS 7.3 Command Line Interface Reference Guide
Aruba OS 7.3 Command Line Interface Reference GuideAruba, a Hewlett Packard Enterprise company
 
Setup VoIP System and Interconnection with LTE network
Setup VoIP System and Interconnection with LTE networkSetup VoIP System and Interconnection with LTE network
Setup VoIP System and Interconnection with LTE networkNazmul Hossain Rakib
 
Setup VoIP System and Interconnection with LTE network
Setup VoIP System and Interconnection with LTE networkSetup VoIP System and Interconnection with LTE network
Setup VoIP System and Interconnection with LTE networkNazmul Hossain Rakib
 
10 step-to-configure-cisco-call-manager-express
10 step-to-configure-cisco-call-manager-express10 step-to-configure-cisco-call-manager-express
10 step-to-configure-cisco-call-manager-expressNguyen Thanh
 
Voice over Internet Protocol (VoIP) using Asterisk
Voice over Internet Protocol (VoIP) using AsteriskVoice over Internet Protocol (VoIP) using Asterisk
Voice over Internet Protocol (VoIP) using AsteriskSameer Verma
 
Nat
NatNat
NatElshan86
 
VoIP on LTE -packet Filter
VoIP on LTE -packet FilterVoIP on LTE -packet Filter
VoIP on LTE -packet Filterraj_naveen
 
Nat 03
Nat 03Nat 03
Nat 03Davinder Chauhan
 
Capstone_Project.ppt
Capstone_Project.pptCapstone_Project.ppt
Capstone_Project.pptDhruvkumar Panchal
 
Jingle: Cutting Edge VoIP
Jingle: Cutting Edge VoIPJingle: Cutting Edge VoIP
Jingle: Cutting Edge VoIPmattjive
 
1 wireless fundamentals
1 wireless fundamentals1 wireless fundamentals
1 wireless fundamentalsVenudhanraj
 
VOIP QOS
VOIP QOSVOIP QOS
VOIP QOSThomas Mangin
 
Test
TestTest
Testsinha.mrinal
 
APFeatures_BuyersGuide
APFeatures_BuyersGuideAPFeatures_BuyersGuide
APFeatures_BuyersGuideEugene Yu
 
All about routers
All about routersAll about routers
All about routersagwanna
 
SonicWall Configuration
SonicWall ConfigurationSonicWall Configuration
SonicWall Configurationneweb
 
Sonic Wall Email Security End User
Sonic Wall Email Security End UserSonic Wall Email Security End User
Sonic Wall Email Security End UserRichard Daemen
 

Weitere ähnliche Inhalte

Was ist angesagt?

Air Live POE-GSH2004l-370 - Especificaciones
Air Live POE-GSH2004l-370 - EspecificacionesAir Live POE-GSH2004l-370 - Especificaciones
Air Live POE-GSH2004l-370 - Especificacioneslcdtcorp
 
IP-PBX with Raspberry Pi3
IP-PBX with Raspberry Pi3IP-PBX with Raspberry Pi3
IP-PBX with Raspberry Pi3Doni Kuswaryadi
 
Gpon omci v2__voice_configuration_introduction_omciv2_v2_pt_telkom
Gpon omci v2__voice_configuration_introduction_omciv2_v2_pt_telkomGpon omci v2__voice_configuration_introduction_omciv2_v2_pt_telkom
Gpon omci v2__voice_configuration_introduction_omciv2_v2_pt_telkomWahyu Nasution
 
How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...
How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...
How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...SaNju MuLak
 
Setup VoIP System and Interconnection with LTE network
Setup VoIP System and Interconnection with LTE networkSetup VoIP System and Interconnection with LTE network
Setup VoIP System and Interconnection with LTE networkNazmul Hossain Rakib
 
Setup VoIP System and Interconnection with LTE network
Setup VoIP System and Interconnection with LTE networkSetup VoIP System and Interconnection with LTE network
Setup VoIP System and Interconnection with LTE networkNazmul Hossain Rakib
 
10 step-to-configure-cisco-call-manager-express
10 step-to-configure-cisco-call-manager-express10 step-to-configure-cisco-call-manager-express
10 step-to-configure-cisco-call-manager-expressNguyen Thanh
 
Voice over Internet Protocol (VoIP) using Asterisk
Voice over Internet Protocol (VoIP) using AsteriskVoice over Internet Protocol (VoIP) using Asterisk
Voice over Internet Protocol (VoIP) using AsteriskSameer Verma
 
VoIP on LTE -packet Filter
VoIP on LTE -packet FilterVoIP on LTE -packet Filter
VoIP on LTE -packet Filterraj_naveen
 
Jingle: Cutting Edge VoIP
Jingle: Cutting Edge VoIPJingle: Cutting Edge VoIP
Jingle: Cutting Edge VoIPmattjive
 
1 wireless fundamentals
1 wireless fundamentals1 wireless fundamentals
1 wireless fundamentalsVenudhanraj
 
APFeatures_BuyersGuide
APFeatures_BuyersGuideAPFeatures_BuyersGuide
APFeatures_BuyersGuideEugene Yu
 
All about routers
All about routersAll about routers
All about routersagwanna
 

Was ist angesagt? (20)

Air Live POE-GSH2004l-370 - Especificaciones
Air Live POE-GSH2004l-370 - EspecificacionesAir Live POE-GSH2004l-370 - Especificaciones
Air Live POE-GSH2004l-370 - Especificaciones
 
IP-PBX with Raspberry Pi3
IP-PBX with Raspberry Pi3IP-PBX with Raspberry Pi3
IP-PBX with Raspberry Pi3
 
Gpon omci v2__voice_configuration_introduction_omciv2_v2_pt_telkom
Gpon omci v2__voice_configuration_introduction_omciv2_v2_pt_telkomGpon omci v2__voice_configuration_introduction_omciv2_v2_pt_telkom
Gpon omci v2__voice_configuration_introduction_omciv2_v2_pt_telkom
 
66_pfSenseTutorial
66_pfSenseTutorial66_pfSenseTutorial
66_pfSenseTutorial
 
How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...
How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...
How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...
 
Aruba OS 7.3 Command Line Interface Reference Guide
Aruba OS 7.3 Command Line Interface Reference GuideAruba OS 7.3 Command Line Interface Reference Guide
Aruba OS 7.3 Command Line Interface Reference Guide
 
Setup VoIP System and Interconnection with LTE network
Setup VoIP System and Interconnection with LTE networkSetup VoIP System and Interconnection with LTE network
Setup VoIP System and Interconnection with LTE network
 
Setup VoIP System and Interconnection with LTE network
Setup VoIP System and Interconnection with LTE networkSetup VoIP System and Interconnection with LTE network
Setup VoIP System and Interconnection with LTE network
 
10 step-to-configure-cisco-call-manager-express
10 step-to-configure-cisco-call-manager-express10 step-to-configure-cisco-call-manager-express
10 step-to-configure-cisco-call-manager-express
 
Voice over Internet Protocol (VoIP) using Asterisk
Voice over Internet Protocol (VoIP) using AsteriskVoice over Internet Protocol (VoIP) using Asterisk
Voice over Internet Protocol (VoIP) using Asterisk
 
Nat
NatNat
Nat
 
VoIP on LTE -packet Filter
VoIP on LTE -packet FilterVoIP on LTE -packet Filter
VoIP on LTE -packet Filter
 
Nat 03
Nat 03Nat 03
Nat 03
 
Capstone_Project.ppt
Capstone_Project.pptCapstone_Project.ppt
Capstone_Project.ppt
 
Jingle: Cutting Edge VoIP
Jingle: Cutting Edge VoIPJingle: Cutting Edge VoIP
Jingle: Cutting Edge VoIP
 
1 wireless fundamentals
1 wireless fundamentals1 wireless fundamentals
1 wireless fundamentals
 
VOIP QOS
VOIP QOSVOIP QOS
VOIP QOS
 
Test
TestTest
Test
 
APFeatures_BuyersGuide
APFeatures_BuyersGuideAPFeatures_BuyersGuide
APFeatures_BuyersGuide
 
All about routers
All about routersAll about routers
All about routers
 

Andere mochten auch

SonicWall Configuration
SonicWall ConfigurationSonicWall Configuration
SonicWall Configurationneweb
 
Sonic Wall Email Security End User
Sonic Wall Email Security End UserSonic Wall Email Security End User
Sonic Wall Email Security End UserRichard Daemen
 
How to install SQLSERVER 2012
How to install SQLSERVER 2012How to install SQLSERVER 2012
How to install SQLSERVER 2012Andre Nascimento
 
Windows Server 2012
Windows Server 2012Windows Server 2012
Windows Server 2012anilinvns
 
Install Windows Server 2008 Step-by-Step
Install Windows Server 2008 Step-by-StepInstall Windows Server 2008 Step-by-Step
Install Windows Server 2008 Step-by-StepMehdi Poustchi Amin
 
Step by Step Installation of Microsoft SQL Server 2012
Step by Step Installation of Microsoft SQL Server 2012 Step by Step Installation of Microsoft SQL Server 2012
Step by Step Installation of Microsoft SQL Server 2012 Sameh AboulDahab
 

Andere mochten auch (6)

SonicWall Configuration
SonicWall ConfigurationSonicWall Configuration
SonicWall Configuration
 
Sonic Wall Email Security End User
Sonic Wall Email Security End UserSonic Wall Email Security End User
Sonic Wall Email Security End User
 
How to install SQLSERVER 2012
How to install SQLSERVER 2012How to install SQLSERVER 2012
How to install SQLSERVER 2012
 
Windows Server 2012
Windows Server 2012Windows Server 2012
Windows Server 2012
 
Install Windows Server 2008 Step-by-Step
Install Windows Server 2008 Step-by-StepInstall Windows Server 2008 Step-by-Step
Install Windows Server 2008 Step-by-Step
 
Step by Step Installation of Microsoft SQL Server 2012
Step by Step Installation of Microsoft SQL Server 2012 Step by Step Installation of Microsoft SQL Server 2012
Step by Step Installation of Microsoft SQL Server 2012
 

Ähnlich wie Configuring sonic wall__port_forwarding

Configuring Dhcp Server, Scopes &amp; Superscopes
Configuring Dhcp Server, Scopes &amp; SuperscopesConfiguring Dhcp Server, Scopes &amp; Superscopes
Configuring Dhcp Server, Scopes &amp; Superscopesjocelyn_tanner
 
Dhcp, dns and proxy server (1)
Dhcp, dns and proxy server (1)Dhcp, dns and proxy server (1)
Dhcp, dns and proxy server (1)Sahira Khan
 
Transparent firewall filtering bridge - pf sense 2.0.2 by william tarrh
Transparent firewall filtering bridge - pf sense 2.0.2 by william tarrhTransparent firewall filtering bridge - pf sense 2.0.2 by william tarrh
Transparent firewall filtering bridge - pf sense 2.0.2 by william tarrhHichem Chehida
 
System installation in CCTV
System installation in CCTVSystem installation in CCTV
System installation in CCTVhepzijustin
 
Dhcp server and windows 2012
Dhcp server and windows 2012Dhcp server and windows 2012
Dhcp server and windows 2012HEM Sothon
 
Nat Server Configuration Steps
Nat Server Configuration StepsNat Server Configuration Steps
Nat Server Configuration StepsPasala Jayaraju
 
AltiGen Advanced Call Router Manual
AltiGen Advanced Call Router ManualAltiGen Advanced Call Router Manual
AltiGen Advanced Call Router ManualCTI Communications
 
Tmg 2010
Tmg 2010Tmg 2010
Tmg 2010Dac Sah
 
Digium ip pbx admin-manual
Digium ip pbx admin-manualDigium ip pbx admin-manual
Digium ip pbx admin-manualjanamejay1978
 
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...Protect724manoj
 
ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081
ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081 ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081
ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081 Protect724manoj
 
3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf
3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf
3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdfssuserfd0132
 
Setting up computer servers (sucs)
Setting up computer servers (sucs)Setting up computer servers (sucs)
Setting up computer servers (sucs)Melchor Maravillas
 
Mikro tik vpn configuration with site converted
Mikro tik vpn configuration with site convertedMikro tik vpn configuration with site converted
Mikro tik vpn configuration with site convertedUttam Ds
 

Ähnlich wie Configuring sonic wall__port_forwarding (20)

Mikrotik pcq
Mikrotik pcqMikrotik pcq
Mikrotik pcq
 
Configuring Dhcp Server, Scopes &amp; Superscopes
Configuring Dhcp Server, Scopes &amp; SuperscopesConfiguring Dhcp Server, Scopes &amp; Superscopes
Configuring Dhcp Server, Scopes &amp; Superscopes
 
Dhcp, dns and proxy server (1)
Dhcp, dns and proxy server (1)Dhcp, dns and proxy server (1)
Dhcp, dns and proxy server (1)
 
Transparent firewall filtering bridge - pf sense 2.0.2 by william tarrh
Transparent firewall filtering bridge - pf sense 2.0.2 by william tarrhTransparent firewall filtering bridge - pf sense 2.0.2 by william tarrh
Transparent firewall filtering bridge - pf sense 2.0.2 by william tarrh
 
System installation in CCTV
System installation in CCTVSystem installation in CCTV
System installation in CCTV
 
Dhcp server and windows 2012
Dhcp server and windows 2012Dhcp server and windows 2012
Dhcp server and windows 2012
 
Nat Server Configuration Steps
Nat Server Configuration StepsNat Server Configuration Steps
Nat Server Configuration Steps
 
AltiGen Advanced Call Router Manual
AltiGen Advanced Call Router ManualAltiGen Advanced Call Router Manual
AltiGen Advanced Call Router Manual
 
Tmg 2010
Tmg 2010Tmg 2010
Tmg 2010
 
Digium ip pbx admin-manual
Digium ip pbx admin-manualDigium ip pbx admin-manual
Digium ip pbx admin-manual
 
Applications.docx
Applications.docxApplications.docx
Applications.docx
 
Whatsup
WhatsupWhatsup
Whatsup
 
Whatsup
WhatsupWhatsup
Whatsup
 
Fire Eye Appliance Quick Start
Fire Eye Appliance Quick StartFire Eye Appliance Quick Start
Fire Eye Appliance Quick Start
 
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...
 
ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081
ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081 ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081
ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081
 
3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf
3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf
3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf
 
Microsoft Lync Server 2010 Installation
Microsoft Lync Server 2010 InstallationMicrosoft Lync Server 2010 Installation
Microsoft Lync Server 2010 Installation
 
Setting up computer servers (sucs)
Setting up computer servers (sucs)Setting up computer servers (sucs)
Setting up computer servers (sucs)
 
Mikro tik vpn configuration with site converted
Mikro tik vpn configuration with site convertedMikro tik vpn configuration with site converted
Mikro tik vpn configuration with site converted
 

Kürzlich hochgeladen

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 

Kürzlich hochgeladen (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 

Configuring sonic wall__port_forwarding

  • 1. VPN Configuring Port Forwarding with the SonicWALL Product SonicOS Standard and Enhanced Introduction This tech note provides information on how to configure your SonicWALL firewall for port forwarding of FTP, SMTP and DNS. Port forwarding is used when you have internal servers that need to be accessible by the public and you have limited public IP addresses. Therefore, a one-to-one NAT is not possible or not desired. In this scenario, only one public IP address is given and it is assigned to the SonicWALL WAN interface. However, we have three servers, one running FTP, one running SMTP and one running DNS that needs to be accessible by the public, as illustrated in the diagram below. Co
  • 2. 2 Configuration • Port forwarding for FTP with Standard firmware: 1. In the Management UI, click on Firewall and open the Access Rules settings page. 2. Click on Add. 3. In the Rule Setting window, configure the following. Action: Allow Service: FTP Source: * Address Range: * Destination: LAN Address Range: 192.168.168.10 Comment: Port Forwarding for FTP server. 4. Click on Ok. • Port forwarding for SMTP with Standard firmware: 1. In the Management UI, click on Firewall and open the Access Rules settings page. 2. Click on Add. 3. In the Rule Setting window, configure the following. Action: Allow Service: Send E-Mail (SMTP) Source: * Address Range: * Destination: LAN Address Range: 192.168.168.11 Comment: Port Forwarding for SMTP server. 4. Click on Ok. • Port forwarding for DNS with Standard firmware: 1. In the Management UI, click on Firewall and open the Access Rules settings page. 2. Click on Add. 3. In the Rule Setting window, configure the following.
  • 3. 3 Action: Allow Service: Name Service (DNS) Source: * Address Range: * Destination: LAN Address Range: 192.168.168.12 Comment: Port Forwarding for DNS server. 4. Click on OK. • Port forwarding for FTP with Enhanced firmware: 1. In the Management UI, click on Firewall and open the Access Rules settings page. 2. In the Access Rules matrix, click on from WAN to LAN. 3. Click on Add. 4. In the Rule Setting window, configure the following. Action: Allow Service: FTP (ALL) Source: Any Destination: WAN Interface IP Comment: Port Forwarding for FTP server. 5. Click on OK. 6. In the Management UI, click on Network and open the Address Objects page. 7. In the Address Objects section, click on Add. 8. In the Address Object window, configure the following. Name: FTP Server Zone Assignment: LAN Type: Host
  • 4. 4 IP Address: <IP address of server > 9. Click on OK. 10. In the Management UI, click on Network and open the NAT Policies page. 11. Click on Add. 12. In the NAT Policy Settings window, configure the following. Original Source: Any Translated Source: Original Original Destination: WAN Interface IP Translated Destination: FTP Server <Address Object created in Steps 6-9> Original Service: FTP(ALL) Translated Service: Original Inbound Interface: WAN Outbound Interface: Any Comment: Port Forwarding for FTP server. Enable NAT Policy: Checked
  • 5. 5 13. Click on OK. • Port forwarding for SMTP with Enhanced firmware: 1. In the Management UI, click on Firewall and open the Access Rules settings page. 2. In the Access Rules matrix, click on from WAN to LAN. 3. Click on Add. 4. In the Rule Setting window, configure the following. Action: Allow Service: SMTP (Send E-Mail) Source: Any Destination: WAN Interface IP Comment: Port Forwarding for SMTP server. 5. Click on OK. 6. In the Management UI, click on Network and open the Address Objects page. 7. In the Address Objects section, click on Add. 8. In the Address Object window, configure the following. Name: SMTP Server Zone Assignment: LAN Type: Host IP Address: 192.168.168.11 9. Click on OK. 10. In the Management UI, click on Network and open the NAT Policies page. 11. Click on Add. 12. In the NAT Policy Settings window, configure the following. Original Source: Any Translated Source: Original Original Destination: WAN Interface IP
  • 6. 6 Translated Destination: SMTP Server <Address Object created in Steps 6-9> Original Service: SMTP (Send E-Mail) Translated Service: Original Inbound Interface: WAN Outbound Interface: Any Comment: Port Forwarding for SMTP server. Enable NAT Policy: Checked 13. Click on OK. • Port forwarding for DNS with Enhanced firmware: 14. In the Management UI, click on Firewall and open the Access Rules settings page. 15. In the Access Rules matrix, click on from WAN to LAN. 16. Click on Add. 17. In the Rule Setting window, configure the following. Action: Allow Service: DNS (Name Service) Source: Any Destination: WAN Interface IP Comment: Port Forwarding for DNS server. 18. Click on OK. 19. In the Management UI, click on Network and open the Address Objects page. 20. In the Address Objects section, click on Add. 21. In the Address Object window, configure the following. Name: DNS (Name Service) Zone Assignment: LAN Type: Host IP Address: 192.168.168.12 22. Click on OK. 23. In the Management UI, click on Network and open the NAT Policies page. 24. Click on Add. 25. In the NAT Policy Settings window, configure the following. Original Source: Any Translated Source: Original Original Destination: WAN Interface IP Translated Destination: DNS Server <Address Object created in Steps 6-9> Original Service: DNS (Name Service) Translated Service: Original Inbound Interface: WAN Outbound Interface: Any Comment: Port Forwarding for DNS server. Enable NAT Policy: Checked 26. Click on OK.
  • 7. 7 Verification • Once the configuration is completed, you should be able to access the appropriate server via the WAN IP address of the firewall and the type of service from the Internet. Troubleshooting • Make sure the service is started on the server and is listening on the correct port. • Check the firewall access rules to make sure there are no rules with a higher priority than the rules you created above that will deny the access from the public. • If you are using Enhanced firmware, in the Management UI, click on Network and open the NAT Policies page. Then go to the NAT policy you created and click on the Traffic Statistic icon as depicted in the picture below. The counters should increment as you test your port forwarding configurations. If the counters do not increment, check the NAT polices above it to make sure that no other high priority policy is affecting it. • Check the firewall logs to see if there are any dropped packets pertaining to the port forwarding you configured. The logs can be viewed by going to Log > View in the Management UI. Related Documents For more information, refer to the following SonicWALL Technotes on www.sonicwall.com/support/documentation: 1. SonicOS Enhanced: Using a Secondary Public IP Range for NAT 2. SonicOS Enhanced: Configuring the SonicWALL DHCP for GVC 3. Configuring the SonicWALL DHCP for GVC 4. Terminating the WAN GroupVPN and Using VPN Access in SonicOS Enhanced 5. Terminating the WAN GroupVPN to the LAN/DMZ using SonicOS Standard 6. Typical DMZ Setups with FTP, SMTP, and DNS Servers 7. Using the SonicOS Enhanced Wizard To Configure a Public Server 8. Common Issues with GVC 9. Network Browsing with IP Helper NetBIOS Relay 10. Creating One-to-One NAT Policies in SonicOS Enhanced 11. SonicOS Enhanced: Three Types of Network Modes Document Last Updated:11/06/06