Problems port forwarding on USG20W VPN
I am no super techie, but I have enabled port forwarding on many residential style routers in the past but the interface for the USG20W VPN has stumped me. Here's my scenario. Essentially I would like to forward port 22 to a device on my internal LAN at 192.168.1.34. I have a VDSL Modem, and the Zyxel is configured for PPoE. Everything else works fine except for this one and only incoming service I require. I have tried Port Forwarding via the Easy Setup/Port Forwarding route (no joy), then tried to edit the Policy Control for that entry but no joy either. I have put the device in the DNZ - no joy. I am running the latest version on the firmware (as of Nov 2017). Any guidance would be greately appreciated. Thanks in advance.
0
All Replies
-
@elkrust
Normaly there are only two steps to configure NAT from the extranet to your internal network.
Step 1
Configure NAT rule from external (WAN) - Port 22 to the destination Network (internal-device-IP) and the internal Port (e.g. also 22). cofigure tcp and/or udp as required.
Step 2
Configure a security ploicy (firewall rule) from WAN to DMZ (if located in the DMZ) and source IP = any / Destination IP = the LAN IP from your device / Port = 22
If you are connecting from internal networks to the device, too - please checkup the NAT Loopback option.
Regards
Christian
0 -
Dear elkrust,
some time ago I have had a very similar issue: I was opening ports for the game For Honor and couldn't understand hot to do it properly. In the end I asked for help at zyxel support site: I did receive a very complete answer and was able to solve my issue. From there I took some notes and wrote them down for future use. Have a look: https://wordbites.ch/?s=usg20w-vpn
Hope this helps.
Best regards,
andi0 -
Hello elkrust,
Just want to confirm your request first, do you want to type the IP address with port number on the web browser to access server?(Remote client access to local server?)
Secondly, the Port 22 already used by SSH service by default, so if possible, you should change the port which no service occupy.
Here is an similar example of setting as your reference.
EX:
Remote clients-----(Wan2)USG(Lan2)------Server(port 10000)
Configure NAT rule and create the policy rule to allow wan to lan with port 10000 on USG.
1. Add Nat rule and create the policy to allow wan to lan with port 80
Note: If you insist to allocate port 22 to server, here is the way to configure it.
Go to Configuration>System>SSH>Change server port to 10000(example)
After that Go to object>Service>Modify port of SSH_TCP and SSH_UDP to 10000.
Charlie
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight