SONICWALL SONICOS ENHANCED 2.5 ADMINISTRATOR’S GUIDE
Network > NAT Policies
When done, click on the OK button to add and activate the NAT policies. With these policies in place,
the SonicWALL security appliance translates the servers’ private IP addresses to the public IP
address when it initiates traffic out the WAN (X1) interface.
Fourth, go to the Network>NAT Policies menu and click on the Add button. The Add NAT Policy
window is displayed. To create the NAT policies to map the custom ports to the servers’ real listening
ports and to map the SonicWALL’s WAN IP address to the servers’ private addresses, choose the
following from the drop-down boxes:
• Original Source: Any
• Translated Source: Original
• Original Destination: WAN Primary IP
• Translated Destination: servone_private_ip
• Original Service: servone_public_port
• Translated Service: HTTP
• Inbound Interface: X1
• Outbound Interface: Any
• Comment: Enter a short description
• Enable NAT Policy: Checked
• Create a reflective policy: Unchecked
And:
• Original Source: Any
• Translated Source: Original
• Original Destination: WAN Primary IP
• Translated Destination: servtwo_private_ip
• Original Service: servtwo_public_port
• Translated Service: HTTP
• Source Interface: X1
• Destination Interface: Any
• Comment: Enter a short description
• Enable NAT Policy: Checked
• Create a reflective policy: Unchecked
Note: Make sure you choose ‘Any’ as the destination interface, and not the interface that the server is
on. This may seem counter-intuitive, but it’s actually the correct thing to do (if you try to specify the
interface, you get an error).
When done, click on the ‘OK’ button to add and activate the NAT policies. With these policies in place,
the SonicWALL security appliance translates the server’s public IP address to the private IP address
when connection requests arrive from the WAN (X1) interface.
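The two inbound policies above can be checked with a small model before they are entered in the GUI. This is an added example, not code from the SonicWALL guide or from SonicOS; the first-match evaluation is a simplification, and every address and port number is a constructed sample value standing in for the guide's address and service objects.

```python
# Simplified model of the two inbound NAT policies; not SonicOS code.
# Source matching is omitted: Original Source is Any, Translated Source is Original.
from dataclasses import dataclass

# Constructed sample values for the guide's address and service objects.
ADDRESSES = {"WAN Primary IP": "203.0.113.10",
             "servone_private_ip": "192.168.10.10",
             "servtwo_private_ip": "192.168.10.11"}
SERVICES = {"HTTP": 80, "servone_public_port": 9100, "servtwo_public_port": 9200}

@dataclass(frozen=True)
class NatPolicy:
    orig_dst: str
    trans_dst: str
    orig_svc: str
    trans_svc: str
    inbound_if: str = "X1"
    outbound_if: str = "Any"
    enabled: bool = True

POLICIES = [
    NatPolicy("WAN Primary IP", "servone_private_ip", "servone_public_port", "HTTP"),
    NatPolicy("WAN Primary IP", "servtwo_private_ip", "servtwo_public_port", "HTTP"),
]

def translate(policies, in_if, dst_ip, dst_port):
    """Return (ip, port) after the first matching enabled policy, or None."""
    for p in policies:
        if (p.enabled and p.inbound_if in ("Any", in_if)
                and ADDRESSES[p.orig_dst] == dst_ip
                and SERVICES[p.orig_svc] == dst_port):
            return ADDRESSES[p.trans_dst], SERVICES[p.trans_svc]
    return None  # no policy matched, so nothing is forwarded

def audit(policies):
    """List problems: a non-'Any' outbound interface, or a duplicated match."""
    problems, seen = [], {}
    for i, p in enumerate(policies, 1):
        if p.outbound_if != "Any":
            problems.append(f"policy {i}: outbound interface must be 'Any'")
        key = (p.inbound_if, p.orig_dst, p.orig_svc)
        if key in seen:
            problems.append(f"policy {i}: same match as policy {seen[key]}")
        seen.setdefault(key, i)
    return problems
```

Only the two custom ports on the WAN IP are translated; a request to port 80 on the WAN IP matches neither policy and is not forwarded to either server.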
Fifth, you need to create the access rules that allow anyone from the public Internet to access the
two webservers using the custom ports and the SonicWALL security appliance’s WAN IP address.
Note: With previous versions of firmware, it was necessary to write rules to the private IP address.
This has been changed as of SonicOS 2.0 Enhanced. If you write a rule to the private IP address, the
rule does not work.
Go to the Firewall>Access Rules page and choose the policy for the ‘WAN’ to ‘Sales’ zone
intersection (or whatever zone you put your servers in). Click on the ‘Add…’ button to bring up the
pop-up window to create the policies. When the pop-up appears, enter the following values: