Filter
Top Products
Firewall > Access Rules
615
SonicOS 5.8.1 Administrator Guide
Allowing WAN Primary IP Access from the LAN Zone
By creating an access rule, it is possible to allow access to a management IP address in one
zone from a different zone on the same SonicWALL appliance. For example, you can allow
HTTP/HTTPS management or ping to the WAN IP address from the LAN side. To do this, you must
create an access rule to allow the relevant service between the zones, giving one or more explicit
management IP addresses as the destination. Alternatively, you can provide an address group that
includes single or multiple management addresses (e.g. WAN Primary IP, All WAN IP, All X1
Management IP) as the destination. This type of rule allows the HTTP Management, HTTPS
Management, SSH Management, Ping, and SNMP services between zones.
Note Access rules can only be set for inter-zone management. Intra-zone management is
controlled per-interface by settings in the interface configuration
To create a rule that allows access to the WAN Primary IP from the LAN zone:
Step 1 On the Firewall > Access Rules page, display the LAN > WAN access rules.
Step 2 Click Add to launch the Add window.
Step 3 Select Allow from the Action settings.
Step 4 Select one of the following services from the Service menu:
• HTTP
• HTTPS
• SSH Management
• Ping
• SNMP
Step 5 Select Any from the Source menu.
Step 6 Select an address group or address object containing one or more explicit WAN IP addresses
from the Destination menu.
Note Do not select an address group or object representing a subnet, such as WAN
Primary Subnet. This would allow access to devices on the WAN subnet (already
allowed by default), but not to the WAN management IP address.
Step 7 Select the user or group to have access from the Users Allowed menu.
Step 8 Select the schedule from the Schedule menu.
Step 9 Enter any comments in the Comment field.
Step 10 Click Add.