TZ250 DMZ Setup Issues
MSYFlyer
Newbie ✭
I have a TZ250 running 6.5.4.7-83n and am having trouble setting up a DMZ.
(I have changed the first 3 fields, the network portion of actual IP addresses for privacy reasons. The 4th field (host) is exactly as provided by the ISP, COX Communications)
I want to set up a DMZ for multiple addresses that aren’t NAT’d. They’re for individual VM’s on a Windows Server 2019 running Server 2019 Datacenter Version and each VM has a dedicated physical NIC. These NIC’s will connect to the DMZ Port via a dedicated switch or VLAN.
Before needing to set up multiple static IP’s, the site had 1 Static IP –
Static IP 9.9.9.34
S/N Mask 255.255.255.128
Gateway 9.9.9.1
I requested a change to 5 static IP’s and expected to receive a block of 8 with 5 usable, Instead I received the following:
Static IP’s
9.9.9.34
9.9.9.3
9.9.9.7
9.9.9.9
9.9.9.11
9.9.9.15
Gateway 9.9.9.1
Subnet mask 255.255.255.192
NETBLOCK 9.9.9.0/26 which translates to a range of 9.9.9.0 – 9.9.9.63
The WAN Zone Parameters are 9.9.9.34, 255.255.255.128, 9.9.9.1 (DNS’s are immaterial)
I set up a DMZ using the Portshield Wizard to set up a WAN/OPT/LAN and changed the Unassigned Port to a DMZ.
I’ve had no luck in configuring the Port. I ‘ve tried a variety of configuration parameters.
When I change the Zone from Unassigned to DMZ the screen is populated with Static IP Mode, IP Address 0.0.0.0, S/N Mask 255.255.0.0, Gateway 0.0.0.0
I have tried
9.9.9.3, 255.255.255,192, 0.0.0.0
9.9.9.3, 255.255.255.128, 0.0.0.0
And each of the other assigned Static IP’s
Each time when I click OK the setting reverts to Unassigned, 0.0.0.0, 0,0,0,0, N/A
What am I missing?
Thanks in advance for any help.
Best Answers
-
CORRECT ANSWERMSYFlyer
Newbie ✭
With a little more digging and playing with search term, I found the answer. The DMZ has to be configured in Transparent Mode to accomplish what I wanted.
There's a Knowledge Base article which has the solution in detail:
0 -
CORRECT ANSWER
Saravanan
Moderator
Hi @MSYFLYER,
Thank you for visiting SonicWall Community.
Looks like you have issues with configuring the DMZ interface as the interface goes to Unassigned mode. Please go ahead and configure the interface directly and not use to Wizard. Also, as you want to implement the public IP addresses directly onto the servers on DMZ zone, you can use Transparent Mode feature on the SonicWall. Transparent mode lets you to configure the DMZ servers to operate on public IP's directly instead NATTING. The DMZ interface will be transparently bridged to the primary WAN interface. Please note, you cannot bridge the DMZ to secondary WAN interface if any.
Hope this helps.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
5
Answers
Thanks SARAVANAN, as you can see I found he Transparency solution and implemented it a few minutes before your post.
Your answer is spot on and appeciated.
You are welcome @MSYFLYER. Sorry, I didn't see it as I was collecting the info and drafting it for you. Thank you so much. Appreciate your efforts.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services