I have a client with a SonicWall TZ300, running SonicOS Enhanced 6.5.0.2-8n, ROM version 5.6.1.0.
They have an Allworx phone system and are trying to get the mobile app working, which of course requires some port forwards.
Another tech set up the services, NAT rules, etc. using the Public Server Guide feature, which should just work. I have confirmed his rules, and also confirmed with the phone tech from the Allworx vendor that we have the correct ports/services configured.
Here's where it gets weird... They reported that things were not working as they should. I ran a port scan on the outside IP, and I see ports 80 and 443 as open, which suggests there is a rule for those ports and something listening on the inside, that something being the SonicWall itself. Now, in running a quick scan with Zenmap, I also see the TCP ports that were declared in the new rules for the Allworx box, but they are showing as filtered instead of open, which typically suggests a rule configured but nothing necessarily listening on the inside...
To test this theory, I temporarily created a rule to allow RDP access from outside to a machine on the inside, then enabled RDP access on the target. I ran a scan, and 3389 showed as open. I tested RDP successfully, then removed those rules because of the insecure RDP ;)
Long story short, I can create rules pointing to anything else on the network without issue, but I cannot get traffic that targets the Allworx server to pass through successfully.
Any ideas?