Anyone familiar with sonicwall config?

[promposive]

SonicWall Pro 1260 Without enhanced software.

Hi, I am familiar with networking but cannot find the settings I want under the sonicwall pages. I have multiple WAN IP addresses with Multiple LAN Servers.
Given wan addresses:
WAN1, WAN2, WAN3

And lan addresses:
LAN1, LAN2, LAN3


LAN1 is web server, lan2 is say ssh server, and lan3 is ftp server.
Right now the WAN1 ip is one to one nat with LAN1, WAN2->LAN2, WAN3->LAN3

There exist firewall filters to allow only port 80 on WAN1, port 22 on WAN2, and port 21 on WAN3.

I want to forward either ALL port 21 incoming on ANY wan address, to the one machine LAN3. (OR more specifically WAN1 OR WAN3 I want to port forward port 21 on LAN3)

This seems like a pretty basic task, but i cant find anything that will do it, can anyone help with specific pages/settings on this device?

 

[jlazzaro]

what you're trying to do is not possible. if you forward port 21 on multiple WAN addresses to a single host, how will that host know where to send return traffic?

easiest workaround would be to put a secondary address on LAN3. Point WAN3 to LAN3's primary address and WAN1 to LAN3's secondary address.

 

[promposive]

Originally posted by: jlazzaro
what you're trying to do is not possible. if you forward port 21 on multiple WAN addresses to a single host, how will that host know where to send return traffic?

I believe this is the job of NAT?

Originally posted by: jlazzaroeasiest workaround would be to put a secondary address on LAN3. Point WAN3 to LAN3's primary address and WAN1 to LAN3's secondary address.

Then wouldnt I lose access to my LAN1 web server..?

 

[jlazzaro]

Originally posted by: C0BRA99

Originally posted by: jlazzaro
what you're trying to do is not possible. if you forward port 21 on multiple WAN addresses to a single host, how will that host know where to send return traffic?

I believe this is the job of NAT?

this is static NAT, not your typical NAT/PAT used for source addresses.

Originally posted by: C0BRA99

Originally posted by: jlazzaroeasiest workaround would be to put a secondary address on LAN3. Point WAN3 to LAN3's primary address and WAN1 to LAN3's secondary address.

Then wouldnt I lose access to my LAN1 web server..?

not if you forward port 80 on WAN1 to LAN1 and port 21 on WAN1 to LAN3 secondary.

 

[promposive]

Originally posted by: jlazzaro
not if you forward port 80 on WAN1 to LAN1 and port 21 on WAN1 to LAN3 secondary.

Yes, and this is where my problem is, I do not see any settings in the sonicwall config for doing such a thing. I can only map my WAN address to a LAN address, and then filter which port is allowed through. There is no specific "Port Forwards" page, or anything like that.

Edit:
I have not tried to map WAN1 -> LAN1, and also WAN1 -> to LAN3Secondary, but something tells me from the title of the page that allows this "1 to 1 NAT Mapping" that this will not be allowed.

 

[compman25]

SonicOS Enhanced I believe will let you do this. Check the Sonic forums for more info on how to do it.

 

[RebateMonger]

It doesn't sound like you really need three WAN addresses. Why not use a single IP address and forward requests to the appropriate internal server?

 

[promposive]

Originally posted by: RebateMonger
It doesn't sound like you really need three WAN addresses. Why not use a single IP address and forward requests to the appropriate internal server?

There are other servers/services, but I just left them out of the config to keep it simple

 

[hiromizu]

Look for 1 to 1 NAT setting.