How to Restrict HTTPS and Ping Access to a SonicWall Firewall for Specific IPs 🔒

To limit access to the management services (HTTPS and Ping) on a SonicWall firewall, create firewall rules that allow only specific IPs and block all others. Follow these detailed steps:


Step 1: Create an Address Object for Allowed IPs

  1. Log in to the SonicWall Web Interface.
  2. Navigate to Objects → Address Objects.
  3. Click Add to create a new Address Object:
    • Name: Allowed_Admin_IPs
    • Zone Assignment: WAN (or the relevant zone)
    • Type: Host (for a single IP) or Range (for multiple IPs)
    • IP Address/Range: Enter the specific IP(s) allowed to access
  4. Click OK to save.

Step 2: Create Firewall Rules to Allow HTTPS and Ping

Now, you need to create allow rules for management access from the allowed IPs.

Create an Allow Rule for HTTPS (Management Access)

  1. Navigate to Policy → Rules and Policies → Access Rules.
  2. Select the WAN to LAN (or the relevant zone) tab.
  3. Click Add Rule and configure:
    • Action: Allow
    • From Zone: WAN
    • To Zone: LAN
    • Source: Choose the Allowed_Admin_IPs object you created earlier
    • Destination: Firewall Management (HTTPS)
    • Service: HTTPS Management
    • Enable Logging: Yes (Optional, for monitoring)
  4. Click OK to save.

Create an Allow Rule for Ping (ICMP)

  1. Click Add Rule again.
  2. Configure the rule:
    • Action: Allow
    • From Zone: WAN
    • To Zone: LAN
    • Source: Choose Allowed_Admin_IPs
    • Destination: Firewall
    • Service: Ping (ICMP)
    • Enable Logging: Yes (Optional)
  3. Click OK to save.

Step 3: Create a Deny Rule to Block All Other Access

Now, block all other HTTPS and Ping traffic from unauthorized IPs.

  1. Navigate to Policy → Rules and Policies → Access Rules.
  2. Select the WAN to LAN tab.
  3. Click Add Rule and configure:
    • Action: Deny
    • From Zone: WAN
    • To Zone: LAN
    • Source: Any
    • Destination: Firewall
    • Service: HTTPS Management & Ping (ICMP)
    • Enable Logging: Yes
  4. Click OK to save.

Step 4: Test & Verify

  1. Try accessing the firewall via HTTPS from an unauthorized IP (it should be blocked).
  2. Try accessing it from an allowed IP (it should work).
  3. Use ping to verify the firewall responds only from allowed IPs.
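
The rule set from Steps 1 to 3, modelled as an added example (not part of the original guide and not SonicWall code), to produce the results Step 4 should show and to show what happens if the deny rule ends up above the allow rules. It assumes top-down, first-match evaluation with an implicit deny; the rule names and the addresses (RFC 5737 documentation ranges) are constructed.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample values (RFC 5737 documentation addresses), not from the guide.
ALLOWED_ADMIN_IPS = ("203.0.113.10", "198.51.100.20-198.51.100.29")  # Host + Range
MGMT_SERVICES = frozenset({"HTTPS Management", "Ping"})

@dataclass(frozen=True)
class Rule:
    name: str             # hypothetical label, used only in this model
    action: str           # "Allow" or "Deny"
    source: tuple         # address-object entries, or ("Any",)
    services: frozenset

def in_object(ip, entries):
    """True if ip falls inside any Host or Range entry of an address object."""
    addr = ipaddress.ip_address(ip)
    for entry in entries:
        if entry == "Any":
            return True
        low, _, high = entry.partition("-")
        high = high or low                  # a Host entry is a one-address range
        if ipaddress.ip_address(low) <= addr <= ipaddress.ip_address(high):
            return True
    return False

def evaluate(rules, src_ip, service):
    """First matching rule wins; unmatched traffic is dropped (assumed implicit deny)."""
    for rule in rules:
        if service in rule.services and in_object(src_ip, rule.source):
            return rule.action, rule.name
    return "Deny", "implicit"

ALLOW_HTTPS = Rule("allow-https", "Allow", ALLOWED_ADMIN_IPS, frozenset({"HTTPS Management"}))
ALLOW_PING = Rule("allow-ping", "Allow", ALLOWED_ADMIN_IPS, frozenset({"Ping"}))
DENY_REST = Rule("deny-rest", "Deny", ("Any",), MGMT_SERVICES)
PAGE_ORDER = [ALLOW_HTTPS, ALLOW_PING, DENY_REST]   # Steps 2 and 3 as written
DENY_FIRST = [DENY_REST, ALLOW_HTTPS, ALLOW_PING]   # mis-ordered: deny above the allows

def expected_matrix(rules, probes):
    """Expected Step 4 outcome for each (source IP, service) probe."""
    return {(ip, svc): evaluate(rules, ip, svc)[0] for ip, svc in probes}

if __name__ == "__main__":
    probes = [(ip, svc) for ip in ("203.0.113.10", "192.0.2.77") for svc in sorted(MGMT_SERVICES)]
    for label, rules in (("page order", PAGE_ORDER), ("deny first", DENY_FIRST)):
        for (ip, svc), action in expected_matrix(rules, probes).items():
            print(f"{label:11} {ip:15} {svc:17} {action}")
```

With the deny rule evaluated first, the allowed admin address is denied as well, so after saving the rules confirm that the two allow rules sit above the deny rule in the WAN to LAN list.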

✅ Now, only authorized IPs can access the SonicWall Firewall via HTTPS & Ping, enhancing security. 
