Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 15 replies
  • Answers 1 answer
  • Subscribers 31 subscribers
  • Views 23176 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNAT Setup not working

Maik Purwin

Hi,

i have installed latest XG 17.03 MR-3 as Nat Setup. I have Port1 for Lan (static) and Port2 for WAN (static). Routing from WAN is like that: WAN -> ISP Router -> XG -> Clients . I want to use DNAT for e.g. SSH to rewrite from Port 2222 to 22. I read DNAT Howto and set it up like this. It has worked one time, but since that any more. Firwall Rule is like that:

  • Source = WAN
  • Allowed Networks = Any
  • Blocking = empty
  • Destination = Server-IP (Client LAN)
  • Service = i created a new one for Port 2222
  • Rout to = Server-IP (Client LAN)
  • Port = 22
  • Zone = LAN
  • Change Port = unchecked
  • Default for advanced options, no masqu, no reflex rule
  • Firwall Logging = checked

I cant see any hint of Problems in Logs. Any help?

thx



This thread was automatically locked due to age.
Parents
  • 0

    Hi Mark,

    As you have a ISP router in place ,you XG firewall does not have a public IP (unless you have bridged the ISP router). 

    Configuration on ISP router

    Create a Virtual host/DNAT rule for port  Source as 1:65535 or * and destination as 2222 mapped to port 22222 to XG firewall WAN interface.

    Configuration on XG

    Create a DNAT rule  , Services 2222

    Forward to IPaddress of your system you would like to take SSH and mapped port would be 22.

    Apply NAT MASQ and SAVE.

     

     

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Aditya Patel

    Hi to all,

    and sorry for my late reply, but i was very busy. I now have time to reinvestigate this problem and what should i say it works. i have changed nothing and the DNAT works. I think it was the underlying virtualisation, which got an update a few days ago.

    solved

Reply Children
No Data
Cookie Information Banner