Read Microsoft Word - Creating_One_to_One NAT_Policies_in_OS_Enhanced.doc text version

VPN

Creating One-to-One NAT Policies in OS Enhanced

Introduction

This document contains configuration examples of static NAT policies and access rules to provide access to internal servers. In this scenario, there are three servers on the LAN. Each server is configured with a private IP address. The SonicWALL will be configured to translate the IP address in packets sourced from and destined to each server. The source address in outgoing packets will be translated from the private IP address to the public IP address, and the destination address in incoming packets will be translated from the public IP address to the private IP address.

Setup

The first step is to create two address objects for each server. One address object will reflect the internal or private IP address, and the other will reflect the external or public IP address. In the example below, note that the FTP Server's private address object belongs to the LAN zone, and the public address object belongs to the WAN zone.

Network > Address Objects

The next step is to create the NAT Policies. Two policies are needed: one for the outbound traffic, and one for the inbound traffic. Note that in the example below, "Create a reflexive policy" is enabled. When this is enabled on a NAT Policy, a matching NAT Policy is automatically created in the opposite direction.

Network > NAT Policies

2

Network > NAT Policies

The final step is to create Access Rules to define access to and from the internal servers. In the example below, the access rule is allowing all FTP traffic to the internal FTP server. Firewall > Access Rules

3

Related Documents

For more information, refer to the following SonicWALL Technotes on www.sonicwall.com/support/documentation: 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. NAT over VPN with SonicOS Enhanced SonicOS Enhanced: Using a Secondary Public IP Range for NAT SonicOS Enhanced: Configuring the SonicWALL DHCP for GVC Configuring the SonicWALL DHCP for GVC Configuring Port Forwarding with the SonicWALL Terminating the WAN GroupVPN and Using VPN Access in SonicOS Enhanced Terminating the WAN GroupVPN to the LAN/DMZ using SonicOS Standard Typical DMZ Setups with FTP, SMTP, and DNS Servers Using the SonicOS Enhanced Wizard To Configure a Public Server Common Issues with GVC Network Browsing with IP Helper NetBIOS Relay SonicOS Enhanced: Three Types of Network Modes

Document Last Updated: 11/06/06

4

Information

Microsoft Word - Creating_One_to_One NAT_Policies_in_OS_Enhanced.doc

4 pages

Find more like this

Report File (DMCA)

Our content is added by our users. We aim to remove reported files within 1 working day. Please use this link to notify us:

Report this file as copyright or inappropriate

1126090


You might also be interested in

BETA
Microsoft Word - SonicWALL TZ 170SP FAQ Final.doc
Microsoft Word - site_to_site_vpn_troubleshooting_on_sonicwall_security_appliances.doc
Microsoft Word - ReadOnly-0-Rev-3-L2_Bridge_Mode_and_Transparent_Mode_Deployment_Guide.doc
SonicWALL TZ 100/200 Series Getting Started Guide
Microsoft Word - SonicWALL PRO 2040 FAQ Final.doc