I am in the process of installing a new network. New T1, new sonicwall pro 3060 firewall, the works. The WAN port on the sonicwall is a static public ip address. I have the lan on a private network. What I need to do is get a public ip address to function within the private network. Not using the DMZ. I am wondering if this is even possible. I am very clueless to static routes. Any help would be appreciated.
c'mon, the pro 3060 is a decent device, read the documentation if you will be working on it.
assuming you have "enhancd" OS, which is most likely:
assuming you got an IP range from your ISP you create an object for "server ip inside" create an object for "server IP outside"
creat NAT from "server IP outside" to "server ip inside" create NAT from "server ip inside" to "server IP outside"
create firewall rule: from Zone: WAN ro LAN, allow any source to "server IP outside" whatever service you want
you'r done.
if you actually want to use the public IP in your LAN without NAT:
create object "public_ip" in LAN with public IP
create NAT entry: "public_ip" to any -keep original (which means do _not_ perform nat) (do it in both directions if you want it to be reached from the outside, and add firewall rule)
since this is more specific than the one to many default rule (perform NAT on all LAN IP's with Sonicwall Public IP) it will work.
now this "public_ip" is accessible from outside and has Internet Access.
now you need to add a static route for the LAN zone to _not_ take default gateway, if it wants to access "public_ip"
actually, I believe Sonicwall will add this entry automatically, once you create the object on the LAN Zone. just check your routing table after creating the object.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.