Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Options

Translation through VPN-WAN

I have an interesting situation and would like to know if the following is possible:

Site 1 Houses a VoIP Server; gives access to Site 2's Public IP and TCP 8887 Management Port Only (No access to non-SonicWall FIrewall or other parts of it's network).
Site 2 is an office with a SonicWall/static IP; access to VoIPs Server's Management interface can be accessed by:

http://site2.hostname:8887

Site 3 is managed by a SonicWall and has a Site-To-Site VPN to Site 2, with full access to Firewall and all Subnets, but no access to Site 3. So the question is, what can be done so that Site 3 can type http://site2.hostname:8887/ and also access Site 1…maybe through the VPN Tunnel, then mask itself as the public IP for Site 2, which is allowed access?

Is this possible?

Thanks.

Category: Firewall Management and Analytics
Reply
Tagged:

Answers

  • Options
    ArkwrightArkwright All-Knowing Sage ✭✭✭✭

    You can do a NAT policy to handle this but it would be bidirectional NAT in the sense that Site 1 would see the connection originating from Site 2's IP rather than Site 3's.

    The alternative to NAT is to route the traffic between sites over VPN tunnels, although I think when you say "No access to non-Sonicwall firewall" you mean you don't have admin access to it? In which case, you can't do that.

  • Options
    joshuamariusjoshuamarius Newbie ✭

    Thanks so much for taking the time to answer.

    1. What would this Bi-Directional Policy look like?
    2. The Non-SonicWall Site (3) has limited options unfortunately. They would not do a VPN and only opened the port to the static public IP of Site 2 and would not allow for anything else.

    Thanks again.

  • Options
    ArkwrightArkwright All-Knowing Sage ✭✭✭✭

    http://help.sonicwall.com/help/sw/eng/9520/25/9/0/content/Ch35_Network_NAT_Policies.039.05.html

    Your NAT policy will need to have the "Translated Source" set to an IP on the Site 2's firewall, and "Translated Destination" would be whatever "site2.hostname" is,

Sign In or Register to comment.