Allowing WAN DMZ Connection | SonicWALL SRA 1200/4200 guide

Allowing WAN -> DMZ Connection

If you are already forwarding HTTP or HTTPS to an internal server, and you only have a single public IP address, you will need to select different (unique) ports of operation for either the existing servers or for the SonicWALL SRA appliance, because both cannot concurrently use the same IP address and port combinations.

To create a public server access rule for HTTPS traffic:

1.Click the Wizards icon at the top right of the interface.

2.On the 'Welcome' page, select the Public Server Wizard and then click Next.

3.On the 'Public Server Type' page, select:

Server Type	Other

Services	Create new group

The 'Add Service Group' dialog box is displays.

4.In the 'Add Service Group' dialog box, create a service group for HTTP and HTTPS:

•Enter a name for the service.

•Select both HTTP and HTTPS and click .

•Click OK when HTTP and HTTPS are in the right column.

5.On the 'Public Server Type' page, click Next.

6.On the 'Server Private Network Configuration' page, enter the following and click Next:

Server Name	Name for the SonicWALL SRA

Server Private IP Address	'X0' IP address of the SRA appliance
	within your DMZ range, such as
	10.1.1.200

Server Comment	Brief description of the server

7.On the 'Server Public Information' page, accept the default IP address or enter an IP address in your allowed public IP range. Click Next.

Note: The default IP address is the WAN IP address of your SonicWALL firewall. If you accept this default, all HTTP and HTTPS traffic to this IP address will be routed to your SonicWALL SRA.

8.The 'Public Server Configuration Summary' page displays all configuration actions that will be performed to create the public server. Click Apply to create the configuration and allow access from the WAN to the SonicWALL SRA on the DMZ.

SonicWALL SRA 1200/4200 Getting Started Guide Page 33

Image 34

SonicWALL SRA 1200/4200 manual Allowing WAN DMZ Connection, Enter a name for the service

Contents

Getting Started Guide Document Contents SonicWALL SRA 1200/4200 Getting Started Guide 2 Document Contents Setting Up Your Network This Section SRA 1200 System Requirements Package Contents for the SonicWALL SRAMissing Items? SRA 4200 System Requirements Network Configuration Information Recording Configuration InformationAdministrator Information What You Need to Begin Selecting a Deployment Scenario Scenario Overviews Scenario B SRA on an Existing DMZ Applying Power to the SonicWALL SRA Accessing the Management Interface Troubleshooting Connecting Your Appliance Configuring Your SRA 1200/4200 Setting Your Administrator Password Adding a Local User Setting the Time ZoneNavigate to Users Local Users Configuring the X0 IP Address for Scenario B and Scenario C Configuring SRA Network SettingsConfiguring DNS / Wins Click Accept Configuring a Default Route Adding a NetExtender Client Route Navigate to the NetExtender Client Routes Setting Your NetExtender Address Range 192.168.200.100 to Connecting Your SRA 1200/4200 Scenario a Connecting Your Network Interfaces Scenario B Connecting Your Network Interfaces Scenario C Connecting Your Network Interfaces 20 Connecting Your SRA 1200/4200 Registering Your Appliance Before You Register Creating a MySonicWALL AccountRegistering Your SonicWALL SRA Product Registration Services and Licensing Service Management Activating Services and Software Flexible Per-User Licensing Trying or Purchasing Services 26 Services and Licensing Network Configuration Scenario a SRA on a New DMZ Adding a New SRA Custom Zone Connecting to a SonicWALL Security ApplianceUn-select the Allow Interface Trust checkbox Allowing a WAN SRA Connection Enter a name for the serviceEnter your Subnet Mask Navigate to the Network Address Objects Allowing an SRA LAN ConnectionClick Name for NetExtender Scenario B SRA on an Existing DMZ Prerequisites Allowing WAN DMZ Connection Allowing DMZ LAN Connection Continue to Testing Your Remote Connection on Configuring SRA LAN Connectivity Scenario C SRA on the LAN Name Name for NetExtender Zone Assignment Select the Public Server Wizard option and click Next Setting Public Server AccessSelect Http and Https checkboxes, and click Next Testing Your Remote Connection Verifying a User Connection from the Internet 40 Testing Your Remote Connection Upgrading Your Appliance Exporting a Copy of Your Configuration Settings Obtaining the Latest SRA SSL VPN Image Uploading a New SRA SSL VPN Image Uploaded Firmware with Factory Defaults NewUploaded Firmware New Resetting the Appliance Using SafeMode Support and Training Options Customer Support Knowledge Base User Forums Training Related Documentation SonicWALL Live Product Demos SonicWALL Secure Wireless Network Integrated Solutions Guide Page Safety and Regulatory Information Lithium Battery Warning Cable Connections Hinweis zur Lithiumbatterie Weitere Hinweise zur MontageKabelverbindungen Declaration of Conformity Complies with EN 55022 Class a and CISPR22 Class a Bmsi Statement Class a Regulatory Information for Korea SWL-1RK23-088 Copyright Notice Trademarks SonicWALL SRA 1200/4200 Getting Started Guide 60 Notes SonicWALL, Inc