Web access for a server inside a SonicWALL Pro 200

Status
Not open for further replies.
Sep 17, 2007
I'm trying to configure the above firewall to allow access to an internal server running a web-based CRM from Sage. It works fine if accessing internally at The internal IP address is 192.168.1.227. I have added a rule for the HTTP service to allow traffic from the WAN to go to the LAN to the above address. This procedure worked fine for RDP but is not working for the web page. I get page not found when trying to access the CRM. When I look at my log I see a message about "IPSEC Replay Detected"; the IP addresses are mine at home and the external address.
I'm running a 1 man shop for about 30 users so I'm learning a lot about everything but haven't figured this one out.
Help please. :)
 
In order to permit access to a web server on the LAN you need to do ALL of the following steps before it will work.

Server Address Objects
1. Create 'xxx Private' assigned to LAN Zone for Host xxx.xxx.xxx.xxx inside ip address
2. Reuse 'WAN Primary IP' address object assigned to WAN Zone for WAN ip address, or assign a new one as appropriate.

Server Service Group Object
1. Create 'xxx Services' with HTTP and HTTPS Services.

Server NAT Policies
1. Create Inbound Server NAT Policy to rewrite packets to original destination 'WAN Primary IP' to translated destination 'xxx Private'.
2. Create Outbound Server NAT Policy to rewrite packets from 'xxx Private' to translated source 'WAN Primary IP'.
3. Create Loopback NAT Policy to allow access from all internal zones to the server at public IP address from Server Address Objects item 2 above.

Server Access Rules
1. WAN > LAN - Allow 'Any' to 'WAN Primary IP' for Service Group 'xxx Services'.
Similar rules should be created from all lower security zones to the LAN zone.

I don't know if a PRO 200 has them, but look for WIZARDS and use the Public Server Wizard. These may only be available on the new model SonicWALLs.
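
The packet path that the steps above set up, as a small Python model added here (it is not part of the original reply and is not SonicOS configuration). Assumptions: 203.0.113.10 stands in for 'WAN Primary IP', the client addresses and function names are constructed, and the loopback policy is modelled as rewriting the source as well as the destination.

```python
from dataclasses import dataclass, replace

# Constructed values: 203.0.113.10 stands in for 'WAN Primary IP';
# 192.168.1.227 is the server address given in the question.
WAN_IP, SERVER, LAN_PREFIX = "203.0.113.10", "192.168.1.227", "192.168.1."
SERVICES = {80, 443}  # 'xxx Services' group: HTTP and HTTPS only

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

def from_lan(ip):
    return ip.startswith(LAN_PREFIX)

def to_server(pkt, access_rule=True, inbound_nat=True, loopback_nat=True):
    """Return the packet as the server receives it, or None if it is dropped."""
    if pkt.dst != WAN_IP or pkt.dport not in SERVICES:
        return None  # nothing outside the service group is published
    if from_lan(pkt.src):
        # Loopback NAT: internal client using the public address. Assumption of
        # this model: the source is rewritten too, so replies return via the firewall.
        return replace(pkt, src=WAN_IP, dst=SERVER) if loopback_nat else None
    if not (access_rule and inbound_nat):
        return None  # WAN > LAN needs both the allow rule and the rewrite
    return replace(pkt, dst=SERVER)  # inbound NAT: 'WAN Primary IP' -> 'xxx Private'

def from_server(pkt, outbound_nat=True):
    """Server-initiated packet as it leaves the WAN interface."""
    if pkt.src == SERVER and not from_lan(pkt.dst) and outbound_nat:
        return replace(pkt, src=WAN_IP)  # 'xxx Private' -> 'WAN Primary IP'
    return pkt

if __name__ == "__main__":
    outside = Packet("198.51.100.7", WAN_IP, 80)   # constructed external client
    inside = Packet("192.168.1.50", WAN_IP, 443)   # constructed LAN client
    print(to_server(outside))                      # delivered to the private address
    print(to_server(outside, inbound_nat=False))   # rule alone is not enough
    print(to_server(inside))                       # loopback path
    print(to_server(Packet("198.51.100.7", WAN_IP, 3389)))  # not in 'xxx Services'
    print(from_server(Packet(SERVER, "198.51.100.7", 443)))
```

Switching off any one argument shows which traffic the corresponding step is responsible for, and the port 3389 case shows that the service group limits what the WAN > LAN rule exposes.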
 