Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 41 subscribers
  • Views 4706 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Port forwarding with Fritzbox as modem

Simon Kallenbach

Hello all, i am trying to forward a port (80) from internet to my IP cam. 

Here is my network scenario

I did forward port 80 in Fritzbox, that seems to work. I forward 4444 to Sophos for testing and it worked. I could open Sophos Webgui on public ip.

Here is my Firewall Rule:

actual tried with network Any instead of WAN but didn't work either.

Here my dnat rule

 

So what I have tried.

I tired to call my Ip address with port 80 and firewall log says:

19:23:49 Default DROP TCP  
91.67.X.X : 53292
192.168.150.2 : 80
 
[SYN] len=60 ttl=62 tos=0x00 srcmac=cc:ce:1e:b8:0b:6b dstmac=00:1f:29:03:5a:6c

 

Then I connected a device to Fritzbox and tried to open 192.168.155.2:80 and firewall says:

192.168.150.102 : 51124
192.168.150.2 : 80
 
[SYN] len=60 ttl=64 tos=0x00 srcmac=fc:65:de:ad:aa:5e dstmac=00:1f:29:03:5a:6c

 

I tried so many settings like setting up snat or network masqerade. I did try even firewall rule any network using any port to any networks but that didn't work as well.

It drives me nuts.  Let me know if I missed information to share.

I do appreciate every help

thank you in advance

Simon



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    Besides the question  LuCar asked, you will need a port range for your DNAT. Why do you have the WAN and device in both sides of a rule? You will need two rules.

    You have the fritz box setup as a router not a modem and your life would be made a little easier if you changed the fritz box into a modem in bridge mode.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    I am sorry, actual Fritzbox is setup as router but functionality of a modem with port forwarding because I use all services which define a router on Sophos UTM. So I just call the Fritzbox 6390 as a modem but its still a router.

     

    I've made 2 rules and I think I am getting closer:

    On calling of public IP I get this in Firewall Log

    21:51:08 Default DROP TCP  
    192.168.150.1 : 34726
    192.168.150.2 : 80
    		 
    [SYN] len=60 ttl=64 tos=0x00 srcmac=cc:ce:1e:b8:0b:6b dstmac=00:1f:29:03:5a:6c

     

    Where do you want me to put a Port Range in DNAT rule ?

Reply
  • 0 in reply to rfcat_vk

    I am sorry, actual Fritzbox is setup as router but functionality of a modem with port forwarding because I use all services which define a router on Sophos UTM. So I just call the Fritzbox 6390 as a modem but its still a router.

     

    I've made 2 rules and I think I am getting closer:

    On calling of public IP I get this in Firewall Log

    21:51:08 Default DROP TCP  
    192.168.150.1 : 34726
    192.168.150.2 : 80
    		 
    [SYN] len=60 ttl=64 tos=0x00 srcmac=cc:ce:1e:b8:0b:6b dstmac=00:1f:29:03:5a:6c

     

    Where do you want me to put a Port Range in DNAT rule ?

Children
Unfiltered HTML