WAN to LAN Inbound NAT - How To?

I just recently installed the Sophos XG platform, coming from a UTM 9 firewall.  Question is, how do I create an inbound NAT to forward HTTPS (tcp 443) to an internal web server?  I've played around with the policy settings and cannot seem to figure out the proper way to set this up.   Any help?



  • Ditto. Need to set up forwarding for my Slingbox on port 5001. Been screwing with this for 3 hours and I can't make it work. I need someone to tell me what info goes where in the setup, and why, or I'll never understand this to do the other things I need to set up (and my wife will kill me).

    IP of the Slingbox is 172.16.1.15, port 5001.
    WAN is DHCP

    Needs to be available from the Internet or it'll never work.
  • I just finished doing something completely counter-intuitive, and it seems to work now. Starting from the top, I created a Business Non-Http Rule:

    Rule name: Slingbox
    Source host: the slingbox by IPv4 address, host group Inside Lan (I created that), IPv4, and the slingbox again in that group.
    Hosted Address: Port2 which is my RED WAN Port and IP Address

    Protected Zone: WAN
    Protected App Server: Slingbox again
    Forward All Ports: Off

    Port Forward Protocol: TCP
    External Port Type: Port Range
    External Port Range: 1-65534
    Mapped Port Type: Port
    Mapped Port: 5003 (in my case, may differ for others, usually 5001)

    Routing: Rewrite Source Address: ON
    Use Outbound Address: NAT policy for the Slingbox host (I named it SlingNAT, but whatever)

    Rule Based User Identity thing: Off

    Intrusion Prevention: WAN to LAN
    Traffic Shaping: None (will likely change in the future to handle overuse)

    Log Firewall Traffic: Yes (in an attempt to try and see what is wrong if it doesn't work, which I never can)

    Create Reflexive Rule: Yes (sets up a reverse rule so traffic can get out/back out)

    Heartbeat stuff: Off



    No clue how or why this works. Like I said, it seems entirely counter-intuitive. I've got other NAT type stuff to set up for a couple other things and if I end up having any trouble with those, I'm just switching back to the UTM as I had zero issues with that. AND with UTM I could at least see that protection was running and doing stuff. This XG thing is just a complete pain in the rear to navigate, and I still can't tell if it is actually doing anything more than just giving me a migraine.
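The rule above forwards the external port range 1-65534 onto a single internal port, so every TCP port on the WAN address lands on the Slingbox. The following is an added example, not code from the thread or from Sophos: a simplified model (the `DnatRule` fields and the `translate`/`lint` functions are assumptions, not the XG data model) that shows what that range does to inbound traffic and how a single-port rule narrows the exposure, using the 172.16.1.15 / 5003 values from the post.

```python
from dataclasses import dataclass
from typing import Optional, Tuple, List


@dataclass(frozen=True)
class DnatRule:
    """Simplified inbound (WAN-to-LAN) port-forward rule; constructed for illustration."""
    name: str
    protocol: str                      # "TCP" or "UDP"
    external_ports: Tuple[int, int]    # inclusive (low, high) range on the WAN address
    mapped_port: int                   # port on the protected application server
    server_ip: str                     # protected application server


def translate(rule: DnatRule, proto: str, dst_port: int) -> Optional[Tuple[str, int]]:
    """Return (server_ip, mapped_port) for an inbound packet the rule matches, else None."""
    low, high = rule.external_ports
    if proto != rule.protocol or not (low <= dst_port <= high):
        return None
    return (rule.server_ip, rule.mapped_port)


def exposed_port_count(rule: DnatRule) -> int:
    """Number of distinct WAN ports that reach the internal service through this rule."""
    low, high = rule.external_ports
    return high - low + 1


def lint(rule: DnatRule) -> List[str]:
    """Flag a rule that exposes the service on more WAN ports than it needs."""
    findings = []
    width = exposed_port_count(rule)
    if width > 1:
        findings.append(
            f"{rule.name}: {width} external ports all map to "
            f"{rule.server_ip}:{rule.mapped_port}; a scan of any WAN port reaches the service"
        )
    return findings


# The rule as posted (external 1-65534 -> 5003) beside a rule that forwards only the service port.
AS_POSTED = DnatRule("Slingbox", "TCP", (1, 65534), 5003, "172.16.1.15")
NARROWED = DnatRule("Slingbox", "TCP", (5003, 5003), 5003, "172.16.1.15")

if __name__ == "__main__":
    # Constructed inbound packets: an unrelated port and the service port itself.
    for port in (22, 5003):
        print(port, translate(AS_POSTED, "TCP", port), translate(NARROWED, "TCP", port))
    print(lint(AS_POSTED), lint(NARROWED))
```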