How to access the WAN Management page from Local Networks hosted behind the SonicWall Firewall

Description

This KB article demonstrates how to access the WAN management IP/page from the local networks hosted behind the firewall.

Cause

We cannot access the WAN Management IP given to the firewall interface because by design the WAN Management IP is allowed just for WAN access when the HTTPS management option is enabled on the specific WAN interface. For this functionality to work we need to loop the traffic back into the network in such a way that firewall knows the destination NAT.

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

NAT RULE:

  • Navigate to Policy > Rules and Policies > NAT Rules
  • Add a NAT rule as shown below:

Original Source: X0 subnet
Translated Source: Original
Original Destination: All X1 Management IP
Translated Destination: All X0 Management IP
Original Service: HTTPS Management
Translated Service: Original
Inbound Interface: Any
Outbound Interface: Any

Image

ACCESS RULE:

  • Navigate to Policy > Rules and Policies > Access Rules
  • Add an access rule as shown below:

Source Zone: LAN
Source Address: X0 subnet
Source Services: Any

Destination Zone: LAN
Destination Address: All X1 Management IP
Destination Services: HTTPS Management

Image

NOTE: Under Optional Settings of access rule, "Enable Management" should be enabled without which this functionality won't work.

Image

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

NAT RULE:

  • Navigate to Policy > Rules and Policies > NAT Rules
  • Add a NAT rule as shown below:

Original Source: X0 subnet
Translated Source: Original
Original Destination: All X1 Management IP
Translated Destination: All X0 Management IP
Original Service: HTTPS Management
Translated Service: Original
Inbound Interface: Any
Outbound Interface: Any

Image

ACCESS RULE:

  • Navigate to Policy > Rules and Policies > Access Rules
  • Add an access rule as shown below:

From: LAN
To: LAN
Source Port: Any
Service: HTTPS Management
Source: X0 Subnets
Destination: All X1 Management IP

Image


NOTE: "Enable Management" should be enabled without which this funtionality won't work.

Image

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
NSa Series
Firewall Management
Firewalls
SonicWall NSA Series
Firewall Management UI
Firewalls
TZ Series
Firewall Management UI
not finding your answers?
Ask the Community