Comments
-
In my head I'm thinking that I put the printer on a DMZ interface and then setup access rules as folows, Allow traffic from LAN to DMZ (X0 Interface to X5 Interface) Allow traffic from Guest to DMZ (x6 Interface to X5 Interface) Deny any traffic from DMZ outward (X5 Interface to ANY) I want to ensure that someone can't…
-
Hello @MITATONGE, I've updated the address object zone to WAN but I still have the issue.
-
Thanks @MITATONGE for the post. The picture I attached is actually when I was troubleshooting the issue and I had changed WAN to LAN, but the address object is set to WAN and has the malicious IP and that IP is in a Group that is assigned in the rule to block LAN TO WAN but it still isn't working. I have the rule set to…
-
Thank you @BWC I will update my SonicWALL and remove the router. I want to explain the situation I'm having because you might have some insight into this. My SonicWALL is setup to point to 2 specific DNS Servers that monitor and log all the DNS requests. I then receive a report from my vendor every couple days that details…
-
@BWC let me ask you this. Does there even need to be a router on this interface? Could I simply put a switch there and let the SonicWALL handle DHCP and everything else? I feel like the only reason I added the router in between the SonicWALL and the switch was because it wouldn't give IP assignment unless the router was…
-
I know its been a while since I last commented but I was just now able to try to setup a DMZ and let me tell you what I've run into. I've got my primary LAN on X0. My WAN on X1, Guest Network on X6 and my DMZ set to X5. Primary LAN 192.168.100.1, Guest Network 192.168.200.1, and I set the DMZ subnet to 192.169.150.1 I have…
-
@Sliderhome Those IPs were incorrect. The ISP provided me with the IP Addresses I use and the subnets. When I input them both I get that error message (Error: Subnet on the interface overlaps with another interface). I'm thinking of asking the ISP to change one of the subnets to something like IP1 100.111.222.5 and IP2…
-
@Larry I believe that solves my issue with the external IP Range. The pen testers were able to do their external pen test but now I have a different question that's somewhat related I believe. My vendor is doing two types of test. They needed their IP Range allowed so they could penetrate the network to see what they could…
-
@Sliderhome and @Ajishlal thank you for the replies. @Sliderhome I've attached an image of my interfaces with the information changed. But for example, My primary WAN connection coming into my facility has an external static IP assigned to (100.123.26.1). In the picture it is labeled as the secondary WAN. My ISP has…
-
Thanks Larry, I've went in and done this process. I'm now looking at NEVYADITHA's comment to see if I have to allow the IP within each security service. Thanks!
-
Thank you NEVYADITHA. I will review all of the documents. I was hoping there was a way to add the range once and it would whitelist it for everything, but it appears in your documents that I have to go in and manually allow for each security service.
-
TKWITS from the diagram above the first router "Router 0" was put in place by a vendor. They wanted to segment their network away from my network and this was their solution. My main connection come from my ISP to Router 0 and then to my SonicWALL, and from the SonicWALL is really where I start controlling the network. The…
-
Thank you for all the help. I have the network setup pretty good now with your help but have a question about the DMZ. Currently I have 2 WAN interfaces. I have a LAN interface and a Guest interface. The LAN and Guest don't touch. The LAN uses the 192.168.100.1 scope and the Guest uses the 192.168.200.1 scope. I want to…
-
Hello @SHIPRASAHU93 Another quick question. What I have running into right now is, I have my (X6) Interface setup as Wireless or WLAN with the IP address of (192.168.100.1). I have a switch connected to that interface with an IP address of (192.168.100.2). I have several computers and a couple wireless AP's connected to…
-
Hello @SHIPRASAHU93 I currently trying to setup the the Wireless interface on the SonicWALL. I have a switch connected to the interface (X6) and a host connected to that switch. The default Subnet on my LAN is the typical 192.168.1.1 but on the Wireless I wanted to make it 192.168.100.1. Does there need to be a router…