IP restriction

ToddT

We have a TZ270. We have a SQL server that has to have an open port for a vendor replated database update. (VPN is not an option with this). What is the best way to restrict the IP's that can access that open port? There are only a handful and I would like every other attempt to fail. Would appreciate any help in the best way to do that.

BWC

@ToddT this is a pretty basic task, have a look at this KB-article to get familar with Port Forwarding.

https://www.sonicwall.com/support/knowledge-base/how-can-i-enable-port-forwarding-and-allow-access-to-a-server-through-the-sonicwall/170503477349850/

This gives you a basic overview how publishing a Port to the Internet works. The additional steps in your case are

• create multiple Address Objects for the Vendor IPs
• create an Address Group containing all the Vendor IP Address Objects
• use this Address Group as Source in your NAT and Access Rules created for allowing access to the SQL server

That's it, you might experience some bumps on the road later on (like TCP timeouts, etc.) but first things first.

--Michael@BWC

ToddT

Thx!