Allowing WAN -> DMZ Connection

If you are already forwarding HTTP or HTTPS to an internal server, and you only have a single public IP address, you will need to select different (unique) ports of operation for either the existing servers or for the SonicWALL SRA appliance, because both cannot concurrently use the same IP address and port combinations.

To create a public server access rule for HTTPS traffic:

1.Click the Wizards icon at the top right of the interface.

2.On the 'Welcome' page, select the Public Server Wizard and then click Next.

3.On the 'Public Server Type' page, select:

Server Type

Other

 

 

Services

Create new group

 

 

The 'Add Service Group' dialog box is displays.

4.In the 'Add Service Group' dialog box, create a service group for HTTP and HTTPS:

Enter a name for the service.

Select both HTTP and HTTPS and click .

Click OK when HTTP and HTTPS are in the right column.

5.On the 'Public Server Type' page, click Next.

6.On the 'Server Private Network Configuration' page, enter the following and click Next:

Server Name

Name for the SonicWALL SRA

 

 

Server Private IP Address

'X0' IP address of the SRA appliance

 

within your DMZ range, such as

 

10.1.1.200

 

 

Server Comment

Brief description of the server

 

 

7.On the 'Server Public Information' page, accept the default IP address or enter an IP address in your allowed public IP range. Click Next.

Note: The default IP address is the WAN IP address of your SonicWALL firewall. If you accept this default, all HTTP and HTTPS traffic to this IP address will be routed to your SonicWALL SRA.

8.The 'Public Server Configuration Summary' page displays all configuration actions that will be performed to create the public server. Click Apply to create the configuration and allow access from the WAN to the SonicWALL SRA on the DMZ.

SonicWALL SRA 1200/4200 Getting Started Guide Page 33

Page 34
Image 34
SonicWALL SRA 1200/4200 manual Allowing WAN DMZ Connection, Enter a name for the service