TZ370 X3 dmz with public ip access printer in x0
Ehsan
Newbie ✭
Dear Sir,
Kindly provide us solution for below mentioned scenario.
X1 - WAN for internet dynamic IP,
X2 - WAN for application access with static public IP internet is blocked only application can be access
X3 - DMZ transparent mode to X2 with range of public IP in X2.
X0 - LAN with printer 192.168.1.100
host in X3 with public IP should directly access the application via X2. And access the internet via X1.
Also X3 can access the printer in X0.
Thanks and best regards.
Category: Mid Range Firewalls
0
Answers
With the right access rules, the X3 subnet should be able to access the printer on LAN. For discovering the printer, multicast needs to be turned ON.
Could you please explain accessing the application using X2 and going online through X1? Since there is a public IP on the DMZ server, it should be able to go online using that IP. Are you looking for something different?
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
Dear Madam,
Actually old scenario is like :-
Access switch are connected to the core switch and core switch connected to router.
There is a VPN between core router to HO and application are hosted at HO.
Branch office also getting internet from HO.
Branch office there is two network, both network access switch are connecting to core switch and core to router.
Right now user from both the network are not able to access each other but they can access internet as well as application from HO.
Now new scenario requirement are like :-
The Branch office both the network user want to access each other and now HO are going to close the internet service only application access will be allowed.
Also we cannot change the network SUB NET otherwise you cannot access the Application since fro the router to HO there is MPLS VPN.
And through VPN application are accessed.
We cannot make changes to core switch as well as router.
Now the new scenario with SONICWALL :-
sonicwall is connected between access switch and core switch.
X1 connected to ISP
x2 192.168.3.2 connected to coreswitch VLAN 1 = 192.168.3.1 ( VLAN1=192.168.1.1 and VLAN1=192.168.2.1 both for branch network) core switch is having three ip address for vlan 1
x0 to network 1
x3 to network 2
x0 should access x3 and vice versa.
x0 and x3 should access the internet via x0
x0 and x3 traffic for some destination IP or service port or for some specific website should route traffic to x2 for accessing the application from HO.
CORE SWITCH VLAN1 is having three IP address. TWO for each network and third IP address is not used.
So we can configure the x2 using the same range of third ip address of vlan1 of the core switch.
Kindly provide me the configuration for SONIC WALL.
How can we route all the traffic from from x0 and x3 for application to x2 and vise versa. And other internet traffic should NAT through x1.
Also x0 and x3 should access each other.
Thanks and best regards.