Virtual Server port mapping

Axonman0001
Axonman0001 Posts: 4
First Comment
edited April 2021 in Nebula
Hi,

Im new to NSG series, Im using the NSG-50

Cant get this working for me. Im trying to open up one single port and a single port-range (towards one remote ip ) for a remote ftp server.
Added portmapping rule using virtual server NAT. Need to open both the single port, and the portrange in the same rule. How can you do this? 

Tried with just the singel port in the portmapping rule but that keeps getting dropped also.. what am i doing wrong?

As far as I have read, you dont need to add a firewall rule aswell to open up the remote ip?

Thanks for any feedback..


/Axon







All Replies

  • Zyxel_Chris
    Zyxel_Chris Posts: 653  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    It's should work based on you description, can you check if the configuration status is "Up to date" in Security gateway page of status part.
    Also, in event log page if the NAT rule 1 has matched then you can find it in Event log category Firewall for instance "priority:1 from...." can you check if there is the log?

    Chris
  • Hi!

    The firmware is up to date.

    In the eventlog the ip is blocked instead of forwarded: "Match default rule, DROP [count=3]"

    The NAT rule I created is not a 1:1 NAT, its on the "virtual server" section.
    Im guessing this is the correct method because Im using the Network translation mode, and not "router mode" on interface adressing.

    This should be the easiest thing but Im stuck...

    If you should do a simple Nat forwarding in NSG-50 what are the steps beside making the actual
    portmapping rule? Is there anything else that must be in place?

    Thanks for your input :-)





  • Zyxel_Chris
    Zyxel_Chris Posts: 653  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    I'll contact you with privacy message, pleas check with your inbox message. =)

    Chris
  • The issue is now resolved. Did a reset on the device and now everything works fine!
  • Zyxel_Chris
    Zyxel_Chris Posts: 653  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Hello @Axonman0001 and every member in community,
    Thanks for your feedback, I assume the root cause is because the configuration is not synchronize between the server and device if anyone who encountered this issue in future and you have confirm the configuration status is up to date (also you didn't see the relevant NAT log in event log.)

    Then can simply enable the support request in Nebula help page and provide your organization and site name for us we can check your device status. =)
    Chris

Nebula Tips & Tricks