How can I open ports or allow access to internal server through the firewall using the Wizards/Quick configuration?
07/26/2023 2,028 People found this article helpful 540,963 Views
Description
This article explains how to open ports or enable port forwarding or allow access to internal server through the SonicWall for the following options using the Wizards/Quick Configuration Setup:
- Web Services
- FTP Services
- Mail Services
- Terminal Services
- Other Services
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
Consider the following example where the server is behind the firewall. This is the server we would like to allow access from outside (WAN).
- The Firewall's WAN IP is 1.1.1.1
- The server's private IP is 192.168.1.100
- We would like to NAT the firewall's WAN IP (1.1.1.1) to the server IP on LAN IP (192.168.1.100) and vice-versa.
- To allow access to the server, select the WIZARDS option from the top of the page on the web GUI. This opens up the configuration dialog.
- Select Public Server Guide in the following dialog and click Next to proceed.
- The following options are available in the next dialog
- Web Services: Allows HTTP (TCP port 80) and HTTPS (TCP port 443).
- FTP Services: Allows TCP port 21.
- Mail Services: Allows SMTP (TCP port 25), POP3 (TCP port 110) and IMAP (TCP port 143).
- Terminal Services: Allows RDP (TCP port 3389) and Citrix ICA (TCP port 1494).
- Other Services: You can select other services from the drop-down list. This list contains all the service objects and groups on the firewall. You can select this option to add a custom port object or group to the firewall for use. Read more about Service Objects here.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
Consider the following example where the server is behind the firewall. This is the server we would like to allow access from outside (WAN).
- The Firewall's WAN IP is 1.1.1.1
- The server's private IP is 192.168.1.100
- We would like to NAT the firewall's WAN IP (1.1.1.1) to the server IP on LAN IP (192.168.1.100) and vice-versa.
- To allow access to the server, select the QUICK CONFIGURATION option from the top of the page on the web GUI. This opens up the configuration dialog.
- Select Public Server Guide in the following dialog.
- The following options are available in the next dialog
- Web Services: Allows HTTP (TCP port 80) and HTTPS (TCP port 443).
- FTP Services: Allows TCP port 21.
- Mail Services: Allows SMTP (TCP port 25), POP3 (TCP port 110) and IMAP (TCP port 143).
- Terminal Services: Allows RDP (TCP port 3389) and Citrix ICA (TCP port 1494).
- Other Services: You can select other services from the drop-down list. This list contains all the service objects and groups on the firewall. You can select this option to add a custom port object or group to the firewall for use. Read more about Service Objects here.
- The next dialog requires the public IP of the server. Predominantly, the private IP is NAT'ed to the SonicWall's WAN IP, but you can also enter a different public IP address if you would like to translate the server to a different IP. For our example, the IP address is 1.1.1.1.
- The following dialog lists the configuration that will be added once the wizard is complete.
- Select Apply to complete the process.You can verify if the rules and NAT policies have been created by checking under Manage | Policies | Rules | Access Rules | NAT Policy (as shown below).
NOTE: Setup will add one access rules in matrix WAN to LAN to allow traffic from outside to inside and 3 NAT policies for inbound, outbound and loopback translation. Read more about NAT policies here.
READ MORE: How to open ports or allow access to server without using Wizard/Quick Configuration.
Related Articles
Categories
Was This Article Helpful?
YESNO