DMZ Access from WAN

Hi, 

 

I'm struggling to gain access to a server in my DMZ from the WAN on my XG310. Im convinced its something simple as i've been able to allow access from Wan to an internal server in my LAN .

I have ports 2 and 6 configured as WAN access (port 2 is and backup for 6), with my DMZ server plugged into Port 3.

Port 3 is configured with IP 172.x.y.2 and the server i'm gaining access to is 172.x.y.11 I am looking to connect on port 2247.

 

My DMZ server can access the internet 

I'm running a XG310  with v18 and have the following set up:

 

 

 

 

 

Any ideas?

  • Hi there.

    Split it down into 2 seperate rules, one for each Wan port.

    You may be having an issue with the dual port address in there.

     

    In your Dnat rule 12, the Source shouldnt be MASQ, it should be original

    And the Service on the Source Side should be original as well

    Your reflexive rule should have the Source as MASQ

  • In reply to GavinDaniels:

    Thanks...

    I've set it to just one wan port for the moment. So does this look better?

     

     

    and 

     

     

     

     

    I think you may have edited your post, does that mean the port 2 & 6 thing still needs changing to port 3?

  • In reply to GavinDaniels:

    All sorted now thanks.

    Your reply coupled with me spotting a large helping of user error sorted it ‍♂️