Re: Sonicwall One-to-One NAT vs. DMZ

From: ghostmagic (ghostmagic_at_nospam.org)
Date: 08/13/03

• Next message: ghostmagic: "Re: Sonicwall VPN Client download"
• Previous message: Jeremia d.: "Re: msblast worm"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 12 Aug 2003 21:31:17 -0700

I would have to strongly disagree. If I understand you correctly, Michael, is
that you're looking to access the SonicWALL firewall management from the WAN
side. You could do this easiest by having 6.3.x firmware or above on that
SonicWALL. This version introduced HTTPS management of the firewall. Hence you
could manage your firewall using the public IP address via HTTPS. If you just
have a SOHO, then you'd be out of luck as it is limited to firmware 5.1.7. The
XPRS2 that you ended up buying supports the latest firmware versions.

- GM

On Tue, 22 Jul 2003 01:51:34 +0000 (UTC), Jeff Grossman <jeff@stikman.com>
declared:

>Michael Dryja <mike@dryjapat.com> wrote:
>> We have a Sonicwall SOHO device that has served us well with our small
>> network. I now need to add access to an internal web device from the
>> outside. I am using one-to-one NAT to map outside address O to inside
>> address I, added an apppropriate access rule, and we are in business!
>>
>> The only thing I do not like is that to access the web device from
>> inside the network, you can only use the inside address I, and not the
>> outside address O. So when you're inside the network, you use the
>> inside address I, and when you're outside the network, you use the
>> outside address O.
>>
>> What I'd like to do is to easily be able to access the web device
>> from *inside* the network using the external *outside* address O.
>>
>> If I were to upgrade to a Sonicwall product with a DMZ port, would
>> I be able to have this functionality?
>
>Yes, I believe you would have the functionality you need. Also, keep this
>in mind, if you use a DMZ port, and somebody breaks into the computer on
>the DMZ port, they will not have access to your LAN. It is very wise to
>put computers on the DMZ port which might have the potential comprimise of
>hackers.
>
>Jeff

-----------------------------------
~ ghostmagic ~ challenge yourself

---

• Next message: ghostmagic: "Re: Sonicwall VPN Client download"
• Previous message: Jeremia d.: "Re: msblast worm"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: [fw-wiz] UPS Worldship connection problems with new firewall device ... Are there any log messages generated in the SonicWALL when the user attempts ... >of weeks back for my small office network. ... >laptop which accesses UPS ... >firewall appliance, ... (Firewall-Wizards) Re: Which Firewall?? ... One connects to the Internet/router, one is the DMZ port, and the other ... configure as a firewall in the past. ... of RAM firewalling a full T1 with OpenBSD, ... > I need it to do VPN from Network to Network as well as Client to ... (comp.security.firewalls) Re: How secure is our server? ... I have a SonicWall TZ170 that I'm thoroughly satisfied with, ... cost devices are better. ... the strangers outside your network are a much greater risk than the person ... ISA is the firewall component in SBS 2003 Premium, ... (microsoft.public.windows.server.sbs) RE: Odd SonicWall behavior ... SonicWall answered the telnet... ... I help out one of the labs at my university keep their network up and pcs ... From my (outside their firewall) I did ... the lab director unplugged each pc one by one from the ... (Security-Basics) RE: Hardware Firewall ??? choose one ! ... I have experience with the PIX and the SonicWall SOHO series firewalls. ... User Authentication, AntiVirus, Content Filtering and a Firewall solution ... You need to make sure your network beyond the firewall is well ... (Security-Basics)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)