Problems port forwarding on USG20W VPN

elkrustelkrust Member Posts: 8  Freshman Member
edited November 11, 2017 3:23AM in ZyWALL USG Series
I am no super techie, but I have enabled port forwarding on many residential style routers in the past but the interface for the USG20W VPN has stumped me. Here's my scenario. Essentially I would like to forward port 22 to a device on my internal LAN at 192.168.1.34. I have a VDSL Modem, and the Zyxel is configured for PPoE. Everything else works fine except for this one and only incoming service I require. I have tried Port Forwarding via the Easy Setup/Port Forwarding route (no joy), then tried to edit the Policy Control for that entry but no joy either. I have put the device in the DNZ - no joy. I am running the latest version on the firmware (as of Nov 2017). Any guidance would be greately appreciated. Thanks in advance.

All Replies

  • ChrisGerChrisGer Member Posts: 198  Ally Member
    @elkrust
    Normaly there are only two steps to configure NAT from the extranet to your internal network.

    Step 1
    Configure NAT rule from external (WAN) - Port 22 to the destination Network (internal-device-IP) and the internal Port (e.g. also 22). cofigure tcp and/or udp as required.

    Step 2
    Configure a security ploicy (firewall rule) from WAN to DMZ (if located in the DMZ) and source IP = any / Destination IP = the LAN IP from your device / Port = 22
    If you are connecting from internal networks to the device, too - please checkup the NAT Loopback option.


    Regards
    Christian
  • andiandi Member Posts: 4  Freshman Member
    edited November 13, 2017 6:32AM
    Dear elkrust,

    some time ago I have had a very similar issue: I was opening ports for the game For Honor  and couldn't understand hot to do it properly. In the end I asked for help at zyxel support site: I did receive a very complete answer and was able to solve my issue. From there I took some notes and wrote them down for future use. Have a look: https://wordbites.ch/?s=usg20w-vpn

    Hope this helps. 

    Best regards,

    andi
  • Zyxel_CharlieZyxel_Charlie Zyxel Official Agent Posts: 982  mod
    edited November 13, 2017 5:52PM
    Hello elkrust,
    Just want to confirm your request first, do you want to type the IP address with port number on the web browser to access server?(Remote client access to local server?)
    Secondly, the Port 22 already used by SSH service by default, so if possible, you should change the port which no service occupy.
    Here is an similar example of setting as your reference.
    EX:
    Remote clients-----(Wan2)USG(Lan2)------Server(port 10000)
    Configure NAT rule and create the policy rule to allow wan to lan with port 10000 on USG.
    1. Add Nat rule and create the policy to allow wan to lan with port 80


    Note: If you insist to allocate port 22 to server, here is the way to configure it.
    Go to Configuration>System>SSH>Change server port to 10000(example)

    After that Go to object>Service>Modify port of SSH_TCP and SSH_UDP to 10000.


    Charlie


Sign In to comment.