This discussion has been locked.

Open Custom Port on Firewall

Hi, I want to open port 3579 on my UTM so I can use this custom port remote-ing into my PC at home.  The reason why I want the special port created is because I know it's never a good idea to have port 3389 open on your public IP.  I set up the DNAT rule like this: 

I've created the service definition as follows: 

 

 

But it's still not working.  I still can't get connected to it. 

I have also gone in manually to the firewall and created the firewall rule, but that still doesn't work.  I even tried looking on Advanced Port Scanner and the port is not open.

 

Any help would be greatly appreciated! 

Thanks in advance!



  • Hi Michael and welcome to the UTM Community!

    It's difficult to absorb the text.  In future posts, paste an image of the Edit of a rule where 'Advanced' is open if applicable.  In this DNAT, you could then have double-clicked on the "Zim RDP" definition and it too would have opened up in Edit.  Easier to understand than text and quicker to do with the Windows Snipping Tool.

    If I read your post correctly, you did this exactly right.  What do you learn from doing #2 in Rulz?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob, 

    Thanks so much for replying.  You're 100% right, I should've posted screenshots rather than the text.  I've edited the post to include screenshots and also an explanation of why I want to do this.  May you take another look? 

     

    Thanks, 

    Mike

  • Good job, Mike - easy to understand at a glance!

    That's what I expected to see - that you did this correctly.  If you tried #2 in Rulz and found nothing, then I'm going to guess that you're testing from inside your home network.  If that's the case, you need a Full NAT instead of a DNAT - see Accessing Internal or DMZ Webserver from Internal Network.  Was that it?

    Cheers - Bob

     
  • Thanks Bob. From what I can tell, there's nothing that I need to do according to #2 in Rulz. I haven't done much with any of the other settings.  And I was trying the rule from my job to my home which has a different public IP.

    But something odd: I am able to RDP into my server from my work PC if I set up the DNAT rule with the Microsoft Remote Desktop Protocol as set up by the wizard. Just the port that I want to create is not working.

  • Actually, I'd get rid of DNATs and use Remote Access instead.  I prefer the SSL VPN, but for your purpose, the HTML5 setup for RDP would seem to be ideal.

    Cheers - Bob

     
  • BAlfson said:

    Actually, I'd get rid of DNATs and use Remote Access instead.  I prefer the SSL VPN, but for your purpose, the HTML5 setup for RDP would seem to be ideal.

    Cheers - Bob

     

     

    I sent you a PM.  The custom port that I set up is now working completely out of the blue with no config changes.  Weird..., but I'm glad it's working.  I did set up the HTML5 portal as a backup.  Thanks for all the help!