This article will guide you through configuring access to the internal device or the server behind the scenes SonicWall Firewall device from external network.
By default SonicWall has a deny rule that will block all traffic. This is used to protect internal devices from malicious access, but we still have to open part of the network, such as servers, to allow access from the outside. To do this we need NAT policy and Security Policy to allow the necessary traffic.
In this example we will allow access using TCP port 3390 to the internal device with IP: 172.27.78.81, accessible using X1 IP from the outside.
1. Create NAT policy:
– Move to Policy – Rules and Policies – NAT Policy and choose Add at the bottom of the page.
– Name the Rule and enter the following information in the tab Original.
- Original Source: Any
- Original Destination: X1 IP
- Original Service: TCP 3390 (Select the pencil icon next to it and select add a new service object). Use protocol as TCP and port range as 3390 to 3390 and select Save.
- Inbound Interface: X1
- Outbound Interface: Any
– Use the following options at tab Translated.
- Translated Source: Original
- Translated Destination: LAN PC (Select the pencil icon next to it and select add a new address object). Add host type at zone Lan with IP address: 172.27.78.81)
- Translated Service: Original
– All options at tab Advanced/Actions You can leave it as default, then select Add.
2. Create Security Policy:
– Move to Policy – Rules and Policies – Security policy and click select top at the bottom of the page, to add a new policy at the top of the list.
– Name the Rule, in the tab Source/Destinationchoose as follows:
- Source Zone/Interface: WAN
- Source Address: Any
- Source Port/Services: Any
- Destination Zone/Interface: LAN
- Destination Address: X1 IP
- Destination Port/Services: TCP 3390
– Other options can be left as default.
– All items at tab App/URL/Custom Match can be left as default.
– Select Default Profile in Security Rule Actiondefinitely item Action is set Allow and policy is in state Enable and then select Add.
!!! Thank you for following the article!!!
Xem tiếp...