Incorrect NAT policies preventing hosts from accessing the internet.

Description

Incorrect NAT policies preventing hosts from accessing the internet.

Resolution

Step 1: To troubleshoot, setup a continuous ping to 8.8.8.8 on the server and take a packet capture on the SonicWall of ICMP traffic going to 8.8.8.8


Image


We see that the outbound ICMP traffic (a ping) is NAT'ed to an internal IP address that is leaving the SonicWall. This ping request will never be returned because of the LAN addressing going out to the WAN. Capture shows traffic coming in from X0 (good) and leaving X1 as an internal IP (bad).

We went to the NAT policy table and located a bad NAT that was taking priority before the auto-added X1 outbound NAT policy

Image
Image

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community