Having some issues with a Port Forward
All Replies
-
Every tutorial I have seen tells you to use wan1 as the incoming interface value for the NAT. In our case we had to use wan1_ppp as the incoming source, and then everything works as expected. In the Dashboard you will see the Interface Status Summary, and see the wan1 with a small plus sign. Open the tree list object, and use that object that is associated with the external IP address of the router as the incoming interface of the NAT.
NAT
- Incoming interface: wan1_ppp
- Source IP: any
- External IP: WAN_IP (an ip address object pointing to INTERFACE IP wan1)
- Internal IP: an ip address object of type HOST to the internal IP that the NAT is to be routed to
- Port Mapping Type: Port
- Protocol: any
- External port_ 38080
- Internal Port: 38080
Security Policy 1 Allow
- From: WAN
- To: LAN1
- Source: a group ip object for the allowed fixed IP addresses that can use this policy
- Destination: an ip address object of type HOST to the internal IP that the NAT is to be routed to
- Service: a service object that identifies the port that will be routed
- Action: allow
Security Policy 2 Deny
- From: WAN
- To: LAN1
- Source: any
- Destination: any
- Service: a service object that identifies the port that will be routed
- Action: deny
The first policy will only allow a NAT from the allowed source IP addresses
The second policy, which must be after the first object in the policy list, will explicitly deny any access to the port from a non-allowed IP address.
0 -
Hi @rudolfb
Thanks for share your experience on it.0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 148 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight