Configure Sonicwall DMZ for internal network
Project ID:
618455Project Type:
FixedBudget:
$30-$250 USD
Project Description:
I need assistance configuring our LAN to allow users to access a web server on another LAN in our building.Users on the "SC" corporate LAN need to access a web server ("Media Server") that is on another company's LAN ("MA" company), which is located in the same building. This web server is not publicly accessible, so the idea is to use a port on SC's external Sonicwall firewall to create an "internal" DMZ. This would enable SC users to access the MA web server, but still allow for anti-virus/intrusion protection between the two LANS.
SC runs Microsoft Essential Business Server 2008 (EBS), which is a 3 server integrated solution that includes the latest version of the ISA firewall, Threat Management Gateway 2010 (TMG). Because you cannot choose to implement EBS without TMG, the organization has two firewalls. Outgoing traffic from the LAN first passes through the TMG firewall, then to the Sonicwall firewall. In EBS terminology, this is called the "Advanced Firewall Configuration".
In the "Advanced Firewall Configuration", you can reduce the firewall functionality of TMG since the perimeter firewall is doing most of the work. There is a slider tool whereby you set the security level of the TMG firewall; we have it set to "Medium-Low". At this setting, Intrusion Detection, Flood mitigation, & DNS attack detection is turned off, but NAT is turned on. Also, there is a rule in TM: "Allow all traffic rule" which opens Internet access to all applications and all users, bypassing any restrictions in the Web access rules. For more info on the security level setting see: http://technet.microsoft.com/en-us/library/ee378489(WS.10).aspx
The Sonicwall is set to forward all traffic that makes it through to the TMG server's external NIC card, which then decides what to do with it.
We have established a physical connection to the MA Lan, plugging it into the Sonicwall's X2 port. Now we need to determine how to configure the X2 port, TMG server and perhaps static routes in order for our users to get to the Media Server.
Our LAN ("SC") network address is:
10.10.22.x/24
Gateway: 10.10.22.1
The "MA" LAN network addressing is:
10.1.31.x/24
Gateway: 10.1.31.1
MA has given us an IP address on their subnet, 10.1.31.254, which presumably would be the interface IP on our DMZ interface.
Skills required:
Computer Security, MicrosoftAdditional Files:
Client+Logical+Network+-+Mediaserver+v1.pdf
Public Clarification Board
1 messages
-
anasahmed
Sir I am a Network Administrator, I had also done certifications in all this, So I can do
this easily, if you give me a chanceover 1 year ago
Awarded Bids
All Bids ()
sergeytaurus
|
|
sergeytaurus
From Kazakhstan
Offline
|
General Freelancer Orientation (75%, 81st percentile)
Foundation EUFreelance.com Member
$100
in 2 days
over 1 year ago
Hi. Cisco certified network engineer with previous SonicWall experience. Please, check PM for details. Thanks.
blade0058
|
|
blade0058
From Sri Lanka
Offline
|
Foundation EUFreelance.com Member
$140
in 2 days
over 1 year ago
Hi,
I have expereince with ISA servers. I would be able to assist you with this.
Regards,
Charith
Hi, I can complete this project. I am network engineer and have experience in network devices and security configuring. Regards
Have worked on sonic wall before. Need $150 to complete CCSP series of Cisco Exam.
Not doing any full time work currently, hence, can dedicate 24 hours non stop.
Pl contact at mayankdotthakarattherategmaildotcom A... more
Have worked on sonic wall before. Need $150 to complete CCSP series of Cisco Exam.
Not doing any full time work currently, hence, can dedicate 24 hours non stop.
Pl contact at mayankdotthakarattherategmaildotcom ASAP.
Thanks & Regards
Maxx less
