Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


Publish NAS securely on TZ400, with 2 ethernet ports

Good morning,

I would like to ask you, what is the best way to publish a NAS safely.

The scenario is the following.

I have 2 WAN (Metrolan and FTTH with public IP), and 1 LAN (Local Network)

I want to install the NAS with 2 Ethernet ports, one linked to the LAN, and the other to the FTTH.

My intention is to be able to access the NAS from the LAN, without putting the LAN at risk in case the NAS suffers an attack.

I have read the topic of setting up a DMZ, but I don't know how it works.

Can you help me?

Thanks in advance for your time.



Category: Firewall Security Services


  • Options
    ArkwrightArkwright All-Knowing Sage ✭✭✭✭

    You can't use the firewall to protect your LAN from the NAS if you plug the NAS's LAN port into your LAN.

    You need to use only one port on the NAS, connected to an interface on your Sonicwall configured with zone DMZ.

    Configure LAN -> DMZ and WAN -> DMZ access rules with the bare minimum of allowed services required. You will need NAT policies as well, assuming that the NAS will have a private IP.

Sign In or Register to comment.