IPSEC + NAT + X0 Management = No Go

CladMonitor Newbie ✭
edited October 2022 in Entry Level Firewalls

Since about mid version 6.5 we have seen an issue in which we haven't been able to access management features on ANY TZ unit (next gen or previous gen) if we have to use local NAT translation.

Scenario - We are forced to translate the local subnet (due to an overlap). On the unit we are translating, the auto-created ACLs don't allow any sort of management (HTTPS Management, SSH Management, SNMP) from the remote network. If we manually create the ACLs, things work fine, except that if the SonicWall reboots, the ACLs are removed and we are back in the same position.

We have this issue on all gens of the TZs on the latest updated FW on 6.5 and 7.

Answers

  • TKWITS Community Legend ✭✭✭✭✭

    So you're saying you lose Access Rules allowing firewall management upon reboot? But these rules are specific to a Site to Site VPN tunnel with NAT. Provide more description on which side is performing the NAT, sanitized screenshots, etc.

    If it were me I'd just re-subnet one of the subnets and get rid of the overlap.