This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Port forward on XG 17.0.3 MR-3

Hi Guys

i am trying to do some port forwarding on my newly install xg firewall.

i have look around the web and found this guide:

https://community.sophos.com/kb/en-us/122976

but i think this guide is from a different \ older version.

my port forwarding screen looks different.

for example: i dont have a "forward type" field.

 

how do i create port forwarding rules?

lets say for example, that i want to forward port 12443 to port 3389

i have a server that i want to access from the internet.

how do i do that?

 

here is a screenshot of my dnat creation screen:



This thread was automatically locked due to age.
Parents
  • Hi Avi,

    That KB article will need to be updated for v17. Thanks for bringing to our attention. 

    I have created an example DNAT rule based on your request below.For a non-standard port like 12443, you will need to create a new Service Object. This will be in the format, source: 1:65535 destination 12443. 

    Please let me know if you have any questions.

    Thanks,
    Karlos

    Karlos
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.
  • Hi Avi,

    That KB article will need to be updated for v17. Thanks for bringing to our attention. 

    I have created an example DNAT rule based on your request below.For a non-standard port like 12443, you will need to create a new Service Object. This will be in the format, source: 1:65535 destination 12443. 

    Please let me know if you have any questions.

    Thanks,
    Karlos

     

    Hi Karlos.

    thank you for your reply.

    i have done exactly as you advised but it doesnt work.

    although i am very impressed with the xg firewall...

    i have to say its the most difficult one when it comes to port forwarding.

     

    here is what i did:

    1. 

    2. 

  • Hi Avi,

    As per your first image, the service object you created is incorrect. Currently you have source port set as 12443 and destination port as 3389.

    This service object is for the purpose of defining what service port 12443 is and not where you specify the port translation. 

    The port translation is specified under the "Mapped Port *" section.

    As I mentioned earlier, for your first image, it would be in the format - source: 1-65535, destination: 12443.

    What this means is the port the request is coming FROM (which would typically be a private port) or the 'Source' and the service port that is requesting to use, which would be the 'Destination.' 

    Hope that makes sense.

    Thanks,
    Karlos

    Karlos
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.
  • Hi Karlos.

     

    that worked!

    thank you very much!

    i would have NEVER guessed that this the way to do that!

Reply Children
No Data