Using Multiple WAN IP Addresses with Dell SonicWALL TZ 600

firewallrouting

We have a BT 21CN fibre connection into our firewall – it's just one patch cable into the X1 WAN port.

The connection has 5 public IP addresses.

For testing purposes, I need my machine, which is behind the firewall, to use one of those public IP addresses, which is not assigned to X1, as a gateway to the Internet. This is because we've set up special access rules for our default Internet IP address to one of our web servers somewhere else. There are also a few other times where this might be useful.

As it is, our firewall only knows that the X1 has one public WAN IP address. How do I go about telling it there are several WAN IP addresses, and how on earth can I then configure a new gateway on it which I can specify manually on my workstation?

I do, of course, want to leave the 'default' WAN gateway well alone as we have a network full of users using it.

Best Answer

As others have stated there is not a need to configure any sub-interfaces on the SonicWALL. I am assuming your modem is already in bridge mode since you have a public IP address configured on the SonicWALL Internet facing interface, if this is not so this needs to be done.

There is nothing you need to do to announce those IPs from the SonicWALL because in bridge mode the SonicWALL is acting as an authoritative device of sort for them with your modem acting as the gateway.

The only thing that needs configured is a NAT policy mapping the desired public IP address to desired private IP address. The easiest way to do this is via the public server wizard which can be located on the top right corner of the web interface.

Step 1: Launch Wizards
Step 2: Select "Public Server Wizard"
Step 3: Specify Server Type and what ports you would like forwarded.
Step 4: Specify the private IP address of the server, and a friendly name to help you identify it in the ruleset.
Step 5: Specify the Public IP address you would like to use.
Step 6: Review the summary to ensure everything is correct, and apply your changes!

If you need to make changes down the line, you can see your NAT policy under Network > NAT Policies

This should have no operational impact, however with any change you should exercise discretion and play it safe by making the change within a downtime window to minimize any potential user impact.

http://documents.software.dell.com/sonicos/5.9/administration-guide/wizards/providing-public-access-to-an-internal-server/wizards-public-server-wizard?ParentProduct=850

Related Topic