Can someone help me with Route to get past IP Spoofing?

Hi all, I'm a software programmer so firewalls/networking aren't my strength. Our company bought an NSA 2700 and I figured out how to configure it except for 1 thing. I tried to follow this https://community.sonicwall.com/technology-and-support/discussion/755/ip-spoof-thats-not-an-ip-spoof but couldn't translate it into my situation.

Our phone system servers are on the 172.168.x.x network but our normal servers/computers are in the 192.168.x.x network. When our phone system server tries to check for updates or get the time over the internet on port X0 it's being blocked by IP Spoofing because it's in a different subnet. From the above post, I can see I need to create a route but can't figure out what parameters I need to type in.

So if my current network is 192.168.x.x, and the phone system servers being blocked by IP Spoofing are on the 172.168.x.x network, what would I enter for the following route? I'm answering the ones I think are right.

Source: any

Destination: ??? would this be the ip range of our phone servers 172.168.1.0 - 172.168.1.255

Service: Any

Interface: X0

Gateway: ???

Metric: 1

Thanks

Category: Mid Range Firewalls

Best Answer

  • Saravanan Moderator

    Hi @ALLENASKA,

    Thank you for visiting SonicWall Community.

    You were almost there. The route should look like this:

    Source: Any

    Destination: 172.168.1.0 - 172.168.1.255

    Service: Any

    Interface: X0

    Gateway: X0 default gateway or 0.0.0.0

    Metric: 1

    If the firewall still reports IP spoofing, please share screenshots of the complete IP spoof log message, the Interface configuration page and the Route policies page. We can assist you further.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

Answers

  • TKWITS Community Legend ✭✭✭✭✭

    It's just like programming. First define the object you are using as a reference.

    Address Object:

    Name: Phone LAN; Zone: LAN; Type: Network; Network address: 172.168.1.0; Mask: 255.255.255.0


    Second define how to route traffic to/from said object.

    Route Policy:

    Name: Any to Phone LAN; Source: Any; Destination: 'Phone LAN' address object; Service: Any; Interface: X0; Gateway: 0.0.0.0; Metric: 5


    Third define how to allow traffic to the internet from said object.

    Access rule:

    Function: Allow; Source Zone: LAN; Source address: 'Phone LAN' address object; Destination Zone: WAN; Destination address: Any; Source Port: Any; Service: Any


    Fourth define how to translate traffic from said object to the internet.

    NAT policy:

    Source: 'Phone LAN' address object; Translated source: X1 IP; Destination: Any; Translated destination: Original; Service: Any; Translated service: original; Inbound interface: X0 (or Any); Outbound interface: X1


    Finally enable the firewall to advertise itself on the phone network.

    Interface \ ARP:

    Create and publish a static ARP entry on the X0 interface for the gateway address used by the phone network equipment (presumably 172.168.1.1).


    With a default config you can just get away with doing the first, second and last steps as SonicWalls have some generous Any Any Any type rules.
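
The effect of the route policy from the answers above on the spoof check, as an added example that is not part of the thread and not SonicWall's code. It assumes the check is a reverse-path test (a packet is accepted only if the best route back to its source leaves through the interface it arrived on); the 192.168.1.0/24 LAN, the default route via X1 and the host 172.168.1.10 are constructed sample values.

```python
import ipaddress

# Simplified model of an ingress spoof check (assumption: reverse-path style,
# not the firewall's actual implementation).
RFC1918 = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")

def best_route(routes, ip):
    """Longest-prefix match, ties broken by lowest metric.
    routes is a list of (network, interface, metric) tuples."""
    addr = ipaddress.ip_address(ip)
    matches = [(ipaddress.ip_network(net), iface, metric)
               for net, iface, metric in routes
               if addr in ipaddress.ip_network(net)]
    if not matches:
        return None
    return max(matches, key=lambda r: (r[0].prefixlen, -r[2]))

def spoof_check(routes, src_ip, ingress_iface):
    """Pass only if the route back to src_ip uses the ingress interface."""
    route = best_route(routes, src_ip)
    if route is not None and route[1] == ingress_iface:
        return "pass"
    return "drop: IP spoof"

def is_rfc1918(network):
    """True if the network lies inside one of the private IPv4 ranges."""
    net = ipaddress.ip_network(network)
    return any(net.subnet_of(ipaddress.ip_network(p)) for p in RFC1918)

# Constructed table: LAN connected on X0, default route out of X1 (WAN).
BEFORE = [("192.168.1.0/24", "X0", 0), ("0.0.0.0/0", "X1", 20)]
# Route policy from the thread: Destination 172.168.1.0/24, Interface X0, Metric 5.
AFTER = BEFORE + [("172.168.1.0/24", "X0", 5)]

if __name__ == "__main__":
    phone = "172.168.1.10"  # constructed phone server address
    print("before route:", spoof_check(BEFORE, phone, "X0"))
    print("after route: ", spoof_check(AFTER, phone, "X0"))
    print("same source arriving on X1:", spoof_check(AFTER, phone, "X1"))
    print("172.168.1.0/24 is RFC 1918:", is_rfc1918("172.168.1.0/24"))
```

Because 172.168.1.0/24 lies outside 172.16.0.0/12, the new route also overrides the default route for any internet host in that range, so those hosts become unreachable through X1.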

  • AllenAska Newbie ✭

    Thank you, I'm going to try tonight when people go home and will let you know.
