So you are saying you went NAT accross the board. Both on the LAN and DMZ? Did you then do "One-to-One NAT" for access to your LAN, where needed, from the internet? That's how I have it setup right now and it works great. I thought you just wanted to NAT the DMZ, which seems like it is possible when I look at it. You origionally ran straight public addresses on your LAN right? I would have thought you could have simply added the NAT to your DMZ and that's it.
-Curtis -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ian McBride Sent: Thursday, May 30, 2002 8:55 PM To: '[EMAIL PROTECTED]' Subject: RE: [SonicWALL]- Can I do this part 2. Public on LAN, private on DMZ with NAT What a frustrating evening... I kind of got this running. I enabled NAT, and was able to get access to the Internet from the private network on my DMZ (and the network off the LAN port). However, after that, nothing would get past the firewall to my LAN. Everything was showing up as being blocked by 'Rule 0'. I even tried removing all of the rules and explicity allowing all connection to one box and the connection still got blocked. Anyone have ideas? My /perferred/ solution would be to be NATting the DMZ and not the LAN, but that doesn't appear to be possible. (grrr). Thanks. -Ian -----Original Message----- From: Dude, Curtis [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 30, 2002 12:33 PM To: [EMAIL PROTECTED] Subject: RE: [SonicWALL]- Can I do this part 2. Public on LAN, private on DMZ with NAT It will have access outgoing no problem. It think people are just concerned about using those as Internet servers (incoming), which I think can still be done through On-to-One NAT. Just remember to export all you working settings first, so if all else fails you can fall back onto those old settings. -Curtis -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ian McBride Sent: Thursday, May 30, 2002 2:29 PM To: '[EMAIL PROTECTED]' Subject: RE: [SonicWALL]- Can I do this part 2. Public on LAN, private on DMZ with NAT Actually the machines in the DMZ will need to have internet access. Hrm. I'll have to play with this in a few hours. Thanks for everyone's input. -----Original Message----- From: Dude, Curtis [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 30, 2002 12:13 PM To: [EMAIL PROTECTED] Subject: RE: [SonicWALL]- Can I do this part 2. Public on LAN, private on DMZ with NAT I think that is Okay in this case. I suppose though that you could do a one-to-one nat if you needed to connect. -Curtis -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jeff Vogt Sent: Thursday, May 30, 2002 1:27 PM To: '[EMAIL PROTECTED]' Subject: RE: [SonicWALL]- Can I do this part 2. Public on LAN, private on DMZ with NAT you can setup a separate network in the dmz, but if it use private ip addresses it will not be internet accessible as it cannot communicate with the gateway interface -----Original Message----- From: Ian McBride [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 30, 2002 10:03 AM To: '[EMAIL PROTECTED]' Subject: [SonicWALL]- Can I do this part 2. Public on LAN, private on DMZ with NAT Morning, I'm hoping someone can give me an answer to this...Curtis' problem was very much like mine. I've got a SonicWall Pro (running 6.3.1.0)...currently I have a 32 IP subnet (public) on the LAN interface (no NAT) and the DMZ interface is unused. What I'd like to do is hook up a small private, NATted network on the DMZ interface. Is this possible without reconfiguring the rest of my network? Thanks in advance (and mucho thanks for this list!). -Ian --- [This E-mail scanned for viruses by Declude/F-Prot AV] ============================================================================ ======================= To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot AV] ============================================================================ ======================= To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot AV] ============================================================================ ======================= To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot AV] ============================================================================ ======================= To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot AV] ============================================================================ ======================= To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot AV] ============================================================================ ======================= To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot AV] =================================================================================================== To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/
