Service Rule
Can't figure out how to port forward USG20-VPN FW 4.31(ABAQ.0)
Options
I have looked up numerous guides and youtube videos but most of the of the help is on an older version. I am using the latest version of the FW and still receive my connection is being rejected. My modemn is in bridge mode so I know that can't be the issue. I have attached screenshots so we can figure this out. The port I am trying to open is 32400. Any help? I've been going crazy over this.
Nat rule
Security Policy
0
Accepted Solution
-
Hi @Zendata
Welcome to Zyxel community.
The NAT(port forwarding) rule is for external user easily accessing to internal server. And you just need creating the rule like it:
-The Original IP is the address your ISP provided to you.
-The Mapping IP is the address your server get.
-The Original port is the port number for outside user. User can use this port number to accessing the internal server.
-The Mapping port is the port number that your server is servicing.
And also you have to make sure your Policy Control has allowed the port 3389 from WAN to LAN.
6
Zyxel Employee
All Replies
-
Dear @Zendata
as following
Create service object:
Create the nat rule!
Note: NAT Loopback can be activated, so internal clients can contact server on the WAN IP-address. (Only if Original IP is not ANY.) therefore i filled in external ip
And then The policy control --
This should work !
otherwise make a copy of your log and post it here :-)
1 -
I dont understand the original IP vs mapped ip. Our screenshots are different. This didnt work for me it is still denying. How do I provide logging.
0 -
Also for the ending port, I cant specify it. When i specify 32400 for starting and ending and save. I reopen the service and the ending port is blank.
0 -
Your screenshots say internal vs external. I dont know how that relates to my screens.
0 -
I feel like we are lined up here idk what Im missing.
0 -
Key thing to note my modemn is in bridge mode on public dhcp lease.
0 -
The last thing I can possible think it could be is that zyxel is picking up my IP as a 192 address when my public is a 99.91 address (naturally).
0 -
Hi @Zendata
Welcome to Zyxel community.
The NAT(port forwarding) rule is for external user easily accessing to internal server. And you just need creating the rule like it:
-The Original IP is the address your ISP provided to you.
-The Mapping IP is the address your server get.
-The Original port is the port number for outside user. User can use this port number to accessing the internal server.
-The Mapping port is the port number that your server is servicing.
And also you have to make sure your Policy Control has allowed the port 3389 from WAN to LAN.
6 -
Internal external mapped or original its all the same just other description..
Everything is explained above..
Use youre orignal ip : this is the public wan ip from your ISP
Mapped ip is the nas ip internally0 -
As you can see from the screenshots provided that is exactly what I have. I'm still being denied. How do I upload logs. I need this working before friday next week.
0
Categories
- All Categories
- 385 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 74 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 886 Nebula FAQ
- 415 Security FAQ
- 228 Switch FAQ
- 198 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 63 Security Highlight
