How to create DMZ network and allow internet access?
Hello everyone
I have a SonicOS TZ300, and my DMZ interface IP = 192.168.3.1 (X2 interface)
And my WAN interface IP = [redacted by @Community Manager ] (X1 interface)
DHCP dynamic configuration= 192.168.3.2 to 192.168.3.254
DNS ip = 8.8.8.8, 44.2.2, 1.1.1.1
1) I have configured access policy for DMZ TO WAN
Src ip = any
Destination= x1 interface (wan)
Service = any
2) Also I have created nat policy for outbound rule
Original src=DMZ interface ip
Translate src=original
Original destination=wan interface ip
Original destination= original
Original service= any
Translate service=original
Inbound=any
Outbound=x1
3) Also I have created static route
Source = DMZ interface ip (x2)
Destination= x1 default gateway
Interface = x1
After I did the above configuration on my firewall, I tried to ping Google.com but I received "request timed out".
So can anyone tell me if anything is wrong in the above configuration steps, or what I should do on my firewall so that the whole DMZ subnet can access the internet?
Answers
The above will help.
1) Your access rule is wrong. Your destination should be 'any'.
2) Your nat rule is wrong. It should be more like
Original src=any; Translate src=wan interface ip
Original destination=any; translate destination= original
Original service= any; Translate service=original
Inbound=any (or your DMZ interface X2); Outbound=x1
3) There is no reason to have a static route.
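
The following is an added example, not part of the original thread and not SonicOS code: a simplified Python model of how an access rule and a source-NAT policy are matched against a ping from a DMZ client, comparing the settings in the question with those in the answer. Assumptions: the WAN IP `203.0.113.10` and the client `192.168.3.50` are constructed placeholders, and the model ignores zones, rule priority and any default policies the firewall ships with.

```python
# Simplified model (not SonicOS code) of access-rule and source-NAT matching
# for one outbound packet from a DMZ client.
from ipaddress import ip_address, ip_network, IPv4Network

DMZ_NET = ip_network("192.168.3.0/24")   # DMZ subnet, from the post
DMZ_IF = ip_address("192.168.3.1")       # X2 interface IP, from the post
WAN_IP = ip_address("203.0.113.10")      # constructed placeholder; real X1 IP is redacted
RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def matches(selector, addr):
    """selector is the string 'any', a single address, or a network."""
    if selector == "any":
        return True
    if isinstance(selector, IPv4Network):
        return addr in selector
    return addr == selector

def evaluate(access_dst, nat_orig_src, nat_orig_dst, nat_xlate_src, src, dst):
    """Return (verdict, source address on the wire after NAT)."""
    # Step 1: the access rule must match the packet's real destination.
    if not matches(access_dst, dst):
        return ("dropped: no access rule matches destination", None)
    # Step 2: the NAT policy applies only if its original src/dst both match.
    if matches(nat_orig_src, src) and matches(nat_orig_dst, dst):
        wire_src = src if nat_xlate_src == "original" else nat_xlate_src
    else:
        wire_src = src  # no NAT policy matched, source left untranslated
    # Step 3: a private source address cannot receive replies from the internet.
    if any(wire_src in net for net in RFC1918):
        return ("no reply: private source is not routable on the internet", wire_src)
    return ("ok", wire_src)

def asker_config(src, dst):
    # Access rule dst = X1 IP; NAT: src = X2 IP, dst = X1 IP, translated src = original
    return evaluate(WAN_IP, DMZ_IF, WAN_IP, "original", src, dst)

def answer_config(src, dst):
    # Access rule dst = any; NAT: src = any, dst = any, translated src = X1 IP
    return evaluate("any", "any", "any", WAN_IP, src, dst)

if __name__ == "__main__":
    client = ip_address("192.168.3.50")  # constructed DHCP client in the DMZ scope
    target = ip_address("8.8.8.8")
    print("asker :", asker_config(client, target))
    print("answer:", answer_config(client, target))
```

In this model the question's access rule matches only traffic addressed to the firewall's own WAN IP, and its NAT policy matches only packets sourced from 192.168.3.1 itself, so a DHCP client's ping fails either way.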