I have a customer with an XG135W SFOS 17.0.6 MR-6 and they need port forwarding set up.
Very simple, in fact it couldn't be more simple. Port 4235 needs to go to one of their servers.
So far:
Checked on the internal LAN that the port is open on the receiving machine - telnet 192.168.x.x 4235 Connection is fine
But from an external address it does not reply to telnet <WAN IP> 4235
If I get rid of the mapped service and set that to ANY, I can make this telnet connection.
Also, if I search my logs for any connections to 4235 it finds nothing, so troubleshooting is impossible.
Set up DNAT rule.
Source Zone: WAN (also tried ANY)
Allowed Client Networks: ANY
Blocked Client Networks: None
Destination Host: WAN PORT
Services: TCP Source 4235, Destination 4235
Forward to
Protected Server: Internal server IP
Protected Zone: LAN
Change Destination: unticked
Advanced:
IP: None
TS: None
No Restrictions
Unticked Rewrite source address, Create Reflexive rule
Log Traffic Ticked.
-----------------------------------------------
I've been on this for hours, and frankly am starting to look useless in front of my client and this really should be a five minute job (Cisco Accredited engineer). I was thinking of moving my customers to Sophos but on what I've seen so far it's over complicated and buggy. Have also replicated the same problem on a spare XG210 I have in the office.
I'd really appreciate some quick help with this this morning.
This thread was automatically locked due to age.
