Results 1 to 5 of 5

Thread: one-to-one NAT on sonicwall TZW

  1. #1
    Mad Overclocker m4a2t0t's Avatar
    Join Date
    Apr 2001
    Location
    Phoenix AZ
    Posts
    3,962

    one-to-one NAT on sonicwall TZW

    im setting up a game server at work and wanted to use one the additional IP's we have for it. I tried to use one-to-one NAT but I can still only acces the server by the firewalls IP. I have setup access rules and setup a service for the game. I followed the instructions I found in admin docs. What am I missing?
    Will Work For FSB

  2. #2
    SG Enthusiast twwabw's Avatar
    Join Date
    Nov 2000
    Location
    LeRoy, NY, USA
    Posts
    2,472
    what ports are you using?
    Observe everything...focus on nothing..

  3. #3
    Mad Overclocker m4a2t0t's Avatar
    Join Date
    Apr 2001
    Location
    Phoenix AZ
    Posts
    3,962
    2302-2303
    Will Work For FSB

  4. #4
    Mad Overclocker m4a2t0t's Avatar
    Join Date
    Apr 2001
    Location
    Phoenix AZ
    Posts
    3,962
    I had the private IP on the wrong subnet.

    One question. when I look into the log it shows a lot of UDP packets being dropped, Is the number next to the IP the port its trying to acces? Im just thinking its people trying to connect to the server but its dropping their packets.

    Is it bad to allow pings to my firewall? I would like the players to be able to see their ping time but I dont want to compromise security.
    Will Work For FSB

  5. #5
    SG Enthusiast twwabw's Avatar
    Join Date
    Nov 2000
    Location
    LeRoy, NY, USA
    Posts
    2,472
    Is the number next to the IP the port its trying to acces?
    Yes- both on the source and destination columns. Here's a typical group of entries (with my server's ip x'd out):

    UDP packet dropped 200.207.121.240, 1066, WAN 216.136.x.x, 137, WAN
    TCP connection dropped 216.135.145.26, 1402, WAN 216.136.x.x, 139, WAN 'NetBios' 0
    TCP connection dropped 81.59.51.106, 3877, WAN 216.136.x.x, 135, WAN 'RPC Mapper' 0
    UDP packet dropped 216.136.95.50, 53, WAN 216.136.x.x, 13422, WAN

    Is it bad to allow pings to my firewall? I would like the players to be able to see their ping time but I dont want to compromise security.
    Well, if you're concerned about security, you wouldn't be using a game server inside your company's firewall. So, with that in mind, how much worse can you make it with ping enabled?? I'd think twice about that one, especially since the TZW doesn't support a truly isolated DMZ.

    As a general rule, I turn ping off. I realize that "security by obscurity" is not a mantra, but I generally try to do everything I can to hide my networks.
    Observe everything...focus on nothing..

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •