332
SONICWALL SONICOS ENHANCED 2.5 ADMINISTRATOR’S GUIDE
C
HAPTER
49:
Configuring a Public Server with the Wizard
The wizard creates the address object for the new server. Because the IP address of the server
added in the example is in the IP address range assigned to the DMZ, the wizard binds the
address object to the DMZ zone. It gives the object a name of the name you specified for the
server plus “_private”. If you specify an IP in the range of another zone, it will bind the address
object to that zone. If you specify an IP address out of the range of any zone you have configured,
the wizard will bind the address object to the LAN zone.
Because the server in the example used the default WAN IP address for the Server Public IP
Address, the wizard states that it will use the existing WAN address object when constructing
policies between the new server and the WAN. If you specify another address, the server will
create an object for that address bound to the WAN zone and assign the new address object a
name of the name you specified for the server plus “_public”.
• Server Service Group Object
The wizard creates a service group object for the services used by the new server. Because the
server in the example is a web server, the service group includes HTTP and HTTPS. This way,
you have a convenient group to refer to when creating or editing access policies for this server.
• Server NAT Policies
The wizard creates a NAT policy to translate the destination addresses of all incoming packets
with one of the services in the new service group and addressed to the WAN address to the
address of the new server. Therefore, in this example, if a packet with service type of HTTPS
comes in addressed to the WAN interface (10.0.93.43), the NAT policy will translate its address to
172.22.2.44.
The wizard also creates a Loopback NAT policy to translate HTTP and HTTPS traffic from inside
your network addressed to the WAN IP address back to the address of the mail server.
• Server Access Rules
The wizard creates an access policy allowing all mail traffic service traffic from the WAN zone to
the DMZ.
10
Click Apply in the Public Server Configuration Summary page to complete the wizard and apply
the configuration to your SonicWALL.