simple port forwarding

Question

Hello 
 V18 rules is confusing for now, how do i create a simple port forwarding, to allow access to a port from outside? 
 Thanks

Emile Belcourt · Accepted Answer

Hello Waghelak, 
 You first have to go to Firewall > NAT and make a NAT rule where the original and destination matches how you want the traffic to be forwarded. Then you have to go to the main firewall policies and make a firewall rule for the end result of the NAT. So if you forward to an internal server, you will have to make a firewall rule from the original source (internet) then with the resulting services (if you changed it, use the changed service, otherwise use the original) and the resultant changed destination. 
 Hope that description helps. 
 Emile

lferrara · Answer

It is very confusing: 
 
 Create a NAT, under Rules and policies. For example, 
 
 Create a Firewall rule to allow traffic from Any to WAN zone where destination network/host is the WAN ip address

alda · Answer

Hello Luk, 
 please check ( below ) the DNAT firewall rule and appropriate DNAT rule. Especially focus on the Destination Zone and the Destination Network in the firewall rule. The Destination Zone is LAN zone and #PortB: 1 is the alias address on the WAN interface! It is very interesting interconnection of the Destination Zone and the Destination Network! 
 This is not me, but it is the result of business rule migration from v17.5 to v18 EAP1. But it really works. I learned something new again thanks to Sophos ... 
 However, it is important that the DNAT rule must be before the masquerading rule (MASQ) otherwise of course "matches" the User Portal. 
 Regards 
 alda 
 [:(]