Sonicwall TZ170 and Multiple Static Addresses

Archived from groups: comp.security.firewalls (More info?)

In article <10djjmtce4p0f3a@corp.supernews.com>,
"Charles R. Thompson" <charles.thompson@indysoft.com> wrote:

> We recently purchased a Sonic TZ170 and are currently planning to implement
> it in our network. I have a few questions if anyone can field them.
>
> We have 6 fixed public IP addresses on our IPS T1 router. 4 Run NAT to
> accessory machines while 2 run to a webserver and email server.
>
> Does anyone have some information on configuring the TZ170 to handle our
> multiple IPs and if so, can you provide some insight/references?
>
> We are looking to set up the TZ170 to protect the webserver, email server
> and accessory machines while also protecting the connected clients via LAN.
> All this and maintain our 4 NAT routings.
>
> Thanks,
>
> Charles

just reading this so may not be of any help but it can be done (our
TZ170 is configured this way). There is a setting to add Public IPs for
the TZ170 to listen for other than the WAN IP that it is set to.

You will also need to set up 'services' for the ports that will be
directed to the NAT IP of the server on the LAN. You then set up
One-to-One NAT for the public IP address to the private IP of the server
that is now behind the firewall.

It has worked okay but I had an issue with the particular mail server
set up I run as I have two IPs assigned and a main and secondary domain
for mail. I also use a certificate and it will only validate from
outside (which is okay as it is not needed on the LAN).

The point being that you may want to save configurations, test,
implement in phases to make sure everything is working as it should to
avoid loss of services.
--
"Atlanta Joe" aka Joe Webb
Flats fishing is Flat Fun!
Visit my site at http://flatsfisher.com