How can I allow FTP connections to go through my firewall from specified clients? I am using SonicWALL PRO 4060 platform I have a complex networks and their TCP/IP network address and subnetwork mask. I want to know how I can include this on my SonicWALL PRO 4060 servers. Does anyone have an idea?
Â
Perform the following setup steps. Step 1-4 are for the administrator while Step 5 is for the remote user.
1. Configure the SonicWALL PRO 4060 (running SonicOS Enhanced firmware) so that we can connect a SonicWALL SSL-VPN appliance to it.
a) Create a new public zone named SSL-VPN. b) Configure the X2 port with an appropriate IP address (192.168.200.2/24 in our case) and assign it to the
X2 zone. c) Change the management port numbers for HTTP/HTTPS d) Configure a port forwarding policy using the Public Server Wizard
(alternatively an IP mapping policy can also be configured here). e) Configure the appropriate access rules.
2. Configure the SonicWALL SSL-VPN appliance in stand-alone mode (PC connected to the X0 port of the SonicWALL SSL-VPN appliance via cross-over cable) for basic network connectivity.
a) For the XO port, setup the IP and mask. b) Setup the default route.
3. Connect the SonicWALL SSL-VPN appliance (X0 Interface) to the SonicWALL PRO 4060 (X2 in our case), and finalize the SSL-VPN configuration.
a) Create a Local User in Local Domain. b) Add a Range for the NetExtender. c) Add Routes for NetExtender
(in our case, it should know how to get to the FTP Server). 4. Setup an FTP Server on the LAN segment of the SonicWALL PRO 4060.5. As a Remote User, make a connection to the SonicWALL SSL-VPN appliance, and the access FTP Server using NetExtender.
IP Addressing Scheme for PRO 4060 X0: 192.168.168.168/24 X1: 200.1.1.2/29 X2: 192.168.200.2/24
Default Gateway: 200.1.1.1
PC sitting on X0 of PRO 4060 IP : 192.168.168.100/24 Default Gateway: 192.168.168.168
IP Addressing Scheme for SSL-VPN X0: 192.168.200.1/24 Default Gateway: 192.168.200.2
