0 like 0 dislike
1 view
in Bilgi Teknolojileri by anonymous Bilge (165k points)
reshown by anonymous
sonicwall sunucuya public ip üzerinden erişim

2 Answers

0 like 0 dislike
by anonymous Bilge (165k points)

SonicOS 6.5 was released September 2017. This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 and later firmware.

The idea behind this policy is that you must translate your source into a public object if you wish to talk to the public IPs from the LAN.

Login to the SonicWall Management GUI.
Navigate to Manage | Policies | Rules | NAT Policies submenu.
Click on the Add button.
Create the following NAT Policy.
Original Source: LAN Subnets (or Firewalled Subnets if you want hosts in other zones to be included)
Translated Source: WAN Interface IP
Original Destination: WAN Interface IP
Translated Destination: (LAN server object)
Original Service: Any
Translated Service: Original
Inbound Interface: Any
Outbound Interface: Any

0 like 0 dislike
by anonymous Bilge (165k points)

Loopback Policy for One-to-One NAT

You can apply this in one-to-one NAT scenario as well when the public IP address is not the WAN interface IP.

Imagine that you now have a working setup with private side 10.100.0.3 (LAN server object) and public side 3.3.2.10 (WAN server object). You would need this custom NAT Policy:

  • Original Source: LAN Subnets
  • Translated Source: WAN Interface IP
  • Original Destination: (WAN server object)
  • Translated Destination: (LAN server object)
  • Original Service: Any
  • Translated Service: Original
  • Inbound Interface: Any
  • Outbound Interface: Any

This example can be modified to provide the same access for a server on the DMZ (or other zone) by using DMZ server object in place of the LAN server object.

How to Test this Scenario:

You can now verify whether the loopback NAT policy is functioning by testing from private side to the public ip address of server. It is recommended to use the public IP address of the server instead of DNS names. If using DNS names, make sure it is resolving to the Public IP address.

...