Routing question

djhurt1 Enthusiast ✭✭
edited January 2022 in Mid Range Firewalls

I had to create a NAT rule, but I don't understand why it's necessary to make the 802.1x solution work.

X5 is WLAN 192.168.204.1, using 802.1x solution

- SonicWave is 192.168.204.243

NPS is 172.0.203.89

X16 is LAN at 10.0.0.2

Core router is 10.0.0.1

I had to create a NAT rule for NPS authentication to work. Rule: Source: X5 subnet | Source translated: X16 IP | Dst. Original: NPS | Dst. Translated: Original | Service: Any. Without this rule, clients can't be authenticated through the NPS server.

I already have a static route on the firewall that should eliminate the NAT rule, but it doesn't work and I can't figure out why.

Route: Source:Any | and destination 172.0.203.0 | Service: any | Gateway 10.0.0.1.


With or without the NAT rule, I can ping NPS from the SonicWall. I can ping X5 and the SonicWave from NPS. Packet capture shows the request coming from the SonicWave but no reply back from NPS. Access rules seem to be correct. I'm curious why I need this NAT rule to make this work.


Best Answer

  • CORRECT ANSWER
    djhurt1 Enthusiast ✭✭
    Answer ✓

    Doh! In my ignorance I ignored the fact that the APs (SonicWaves) are acting as the authenticator and not the firewall. Adding the NAT rule obviously allows me to configure a single IP address rather than 20 in my case.
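
The behaviour described in the answer, modelled as an added example that is not part of the original thread: each AP sends its own RADIUS Access-Request, and a RADIUS server answers only sources it has a client entry for. The /24 mask on X5, the second AP address, the contents of the NPS client list and all function names are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Addresses from the thread; the /24 mask on X5 is an assumption.
NPS_IP = "172.0.203.89"
X16_IP = "10.0.0.2"
X5_SUBNET = "192.168.204.0/24"
# First AP is from the thread; the second is constructed for illustration.
AP_IPS = ["192.168.204.243", "192.168.204.244"]

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str

@dataclass(frozen=True)
class SourceNatRule:
    orig_src_net: str
    orig_dst: str
    translated_src: str

    def apply(self, pkt: Packet) -> Packet:
        """Rewrite the source only when original source and destination both match."""
        in_net = ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.orig_src_net)
        if in_net and pkt.dst == self.orig_dst:
            return Packet(self.translated_src, pkt.dst)
        return pkt

def server_answers(pkt: Packet, radius_clients) -> bool:
    """RFC 2865 section 3: a request from a source with no configured
    shared secret is silently discarded, so the sender sees no reply."""
    src = ipaddress.ip_address(pkt.src)
    return any(src in ipaddress.ip_network(c) for c in radius_clients)

def simulate(ap_ips, radius_clients, nat_rule=None):
    """Return {ap_ip: (source address seen by NPS, whether NPS replies)}."""
    seen = {}
    for ap in ap_ips:
        pkt = Packet(ap, NPS_IP)  # the AP, as authenticator, originates the request
        if nat_rule is not None:
            pkt = nat_rule.apply(pkt)
        seen[ap] = (pkt.src, server_answers(pkt, radius_clients))
    return seen

# The NAT rule from the question: X5 subnet -> X16 IP when the destination is NPS.
NAT = SourceNatRule(X5_SUBNET, NPS_IP, X16_IP)

if __name__ == "__main__":
    print("routed only, one client entry:", simulate(AP_IPS, [X16_IP]))
    print("with NAT, one client entry:   ", simulate(AP_IPS, [X16_IP], NAT))
    print("routed only, entry per AP:    ", simulate(AP_IPS, AP_IPS))
```

With the NAT rule in place, every AP shares the single RADIUS client entry on NPS and therefore the same shared secret.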
