
Allowing WAN -> DMZ Connection
If you are already forwarding HTTP or HTTPS to an internal server, and you only have a single public IP address, you will need to select different (unique) ports of operation for either the existing servers or for the SonicWALL SRA appliance, because both cannot concurrently use the same IP address and port combinations.
To create a public server access rule for HTTPS traffic:
1.Click the Wizards icon at the top right of the interface.
2.On the 'Welcome' page, select the Public Server Wizard and then click Next.
3.On the 'Public Server Type' page, select:
Server Type | Other |
|
|
Services | Create new group |
|
|
The 'Add Service Group' dialog box is displays.
4.In the 'Add Service Group' dialog box, create a service group for HTTP and HTTPS:
•Enter a name for the service.
•Select both HTTP and HTTPS and click .
•Click OK when HTTP and HTTPS are in the right column.
5.On the 'Public Server Type' page, click Next.
6.On the 'Server Private Network Configuration' page, enter the following and click Next:
Server Name | Name for the SonicWALL SRA |
|
|
Server Private IP Address | 'X0' IP address of the SRA appliance |
| within your DMZ range, such as |
| 10.1.1.200 |
|
|
Server Comment | Brief description of the server |
|
|
7.On the 'Server Public Information' page, accept the default IP address or enter an IP address in your allowed public IP range. Click Next.
Note: The default IP address is the WAN IP address of your SonicWALL firewall. If you accept this default, all HTTP and HTTPS traffic to this IP address will be routed to your SonicWALL SRA.
8.The 'Public Server Configuration Summary' page displays all configuration actions that will be performed to create the public server. Click Apply to create the configuration and allow access from the WAN to the SonicWALL SRA on the DMZ.
SonicWALL SRA 1200/4200 Getting Started Guide Page 33