[olug] Sonicwall behind linux NAT box?

Jeff Hinrichs jeffh at delasco.com
Thu Feb 27 14:09:51 UTC 2003


> Hello
> Wondering if this is possible and if anyone has done it. I have a client
>  that is behind their ISP's linux NAT box, and gets a 10. private IP
> address. The ISP port-forwards a few ports to one of their servers, so
> they have their own website, mail server, etc. Now they want to put up a
>  Sonicwall vpn server, and have an external user connect to it.
>
> Has anyone set something up like this before? I've read the
> VPN-Masquerading HOWTO, and while they talk a lot about port forwarding
> PPTP connections, it's pretty light on IPSec based VPNS (of which the
> sonicwall is one).
>
> Any recommendations on the best way to handle this? TIA

Most of the sonicwalls support NAT and DMZs.  The only ones I know of that
don't are the ones targeted at home/telecommuter installations.  You might
make your life simpler if you get a sonicwall with NAT/DMZ and loose the
existing nat box.  I take it you don't/can't use linux based vpn?
Or if you really want both, put the linux box behind the sonicwall to
protect the internal connection.  You might want to also see if the 3Com
firewalls are less expensive.  They are private labeled sonicwalls. (or
atleast they were, I haven't heard that they've changed.)

-jeff






More information about the OLUG mailing list