product icon

How do I add access rules on my SonicWall router?

    Learn how to add specific access rules to your router to ensure that communication between our servers and your phones is always allowed and properly handled.

    First, create and group address objects for IP blocks.

    1. After logging in to your router and choosing the Manage section, select Objects > Address Objects.
    2. From the pop-up menu, select Add and then give the object a name such as GTC1.
    3. Complete the following fields:
      • In the Zone Assignment field, choose WAN.
      • In the Type field, choose Network.
      • In the Network field, enter 199.36.248.0.
      • In the Netmask/Prefix Length field, enter 255.255.252.0.
    4. Select Add when complete.
    5. Repeat steps 2-4 for the remaining two IP blocks, using the following changes:
      • For the second object, the Network is 199.87.120.0.
      • For the third object, the Network is 162.250.60.0.
      • For the fourth object, the Network is 45.12.196.0.
      • For the fifth object, the Network is 202.173.24.0.
        • In the Netmask/Prefix Length field, enter 255.255.248.0.
      • For the sixth object, the Network is 173.199.0.0.
        • In the Netmask/Prefix Length field, enter 255.255.192.0.
      • For the seventh object, the Network is 23.239.224.0.
        • In the Netmask/Prefix Length field, enter 255.255.192.0.
    6. Once all three IP blocks are created, select Address Groups and then select Add.
    7. Enter a name for the address group.
    8. Add the three address objects you created earlier to the address group by selecting them and then pressing the right-facing arrow button in the middle of the screen to move the objects into the group.
    9. Select Ok when complete.

    Then add your access rules.

    1. From Rules > Access Rules, select Add.
    2. From the Create New Rule menu, complete the following settings in the general tab for the inbound traffic rule:
      • In the From field, enter LAN.
      • In the To field, enter WAN.
      • In the Source Port field, enter Any.
      • In the Service field, enter Any.
      • In the Source field, enter Any.
      • In the Destination field, enter the name of the Address Group created earlier.
      Note: All other general settings can remain as they are.
    3. From the same Create New Rule menu, complete the following settings in the advanced tab for the inbound traffic rule:
      • In the UDP Connection Inactivity Timeout field, enter 300 seconds.
      • In the Disable DPI field, make sure this is checked if available.
    4. Select Add when complete to create the rule.
    5. Repeat step 1 to create a second rule.
    6. From the Create New Rule menu, complete the following settings in the general tab for the outbound traffic rule:
      • In the From field, enter WAN.
      • In the To field, enter LAN.
      • In the Source Port field, enter Any.
      • In the Service field, enter Any.
      • In the Source field, enter the name of the Address Group created earlier.
      • In the Destination field, enter Any.
      Note: All other general settings can remain as they are.
    7. From the Create New Rule menu, complete the following settings in the advanced tab for the outbound traffic rule:
      • In the UDP Connection Inactivity Timeout field, enter 300 seconds.
      • In the Disable DPI field, make sure this is checked if available.
    8. Select Add when complete to create the rule.
    What to do next: After these rules are created you should use the priority modifiers to move these rules to the top of their respective lists. This ensures that traffic matches and follows the policy for the rules just created rather than an existing rule in place.
    Previous article: How do I enable consistent NAT on my SonicWall router?
    Next article: How do I exclude GoTo Connect traffic from the Intrusion Prevention System (IPS) on my SonicWall router?
    Related Articles
    Article last updated: 22 April, 2022