Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register
Options

SMA 400

Fcampa88Fcampa88 Newbie ✭
in Secure Mobile Access Appliances

Hi All,

This is my first time deploying a SMA and it is quite easy. However, I have doubts and wonder if the community can help me.
I have configured my Lab SMA behind my firewall configured like this:

Untitled Diagram.jpg

I can sign in to the virtual portal when I type the domain name, if I type the WAN IP, another portal comes up (looks like management), the domain is name LocalDomain, and only accepts the administrator password.

- How I can block people from seeing the admin portal typing my WAN IP?

-Is this scenario following the good practice of deployment?

My understanding is the SMA does not do routing, I configured the port X0 for the DMZ traffic between the Firewall and SMA, and the port X2 as local management.

-Is it recommend to instead of giving to the DMZ zone to access the LAN, connect the port X3 on the SMA to the LAN and define a static route in SMA?

Thank you!



Category: Secure Mobile Access Appliances
Reply
Tagged:

Answers

  • Options
    MarkDMarkD Cybersecurity Overlord ✭✭✭

    Move the Management portal to a different port Add firewall rule to permit only a "whitelisted" range and port

    create another portal for what services you are making available

  • Options
    Fcampa88Fcampa88 Newbie ✭
    edited May 1
    https://community.sonicwall.com/technology-and-support/discussion/comment/21232#Comment_21232

    Thank you, this information helped a lot.

    I've created two portals (contractor and TestVirtual). Is it possible to reach both portals from the WAN using only one interface (X0)?

    I can't imagine another way other than connecting the SMA ports X1, X2 or X3 to my firewall (DMZ) and setting up another zone with port forward and rules.


    Untitled Diagram.jpg
    Screenshot 2024-05-01 114303.png

Sign In or Register to comment.