Hello all, i am trying to forward a port (80) from internet to my IP cam. Here is my network scenario Device: Fritzbox: I did forward port 80 in Fritzbox, that seems to work. I forward 4444 to Sophos for testing and it worked. I could open Sophos Webgui on public ip. Port Forwarding on FritzBox: Here is my Firewall Rules on Sophos: And Actual tried with network Any instead of WAN but didn't work either. Here my dnat rule So what I have tried. I tired to call my Ip address with port 80 and firewall log says: 19:23:49 Default DROP TCP 91.67.X.X : 53292 → 192.168.150.2 : 80 [SYN] len=60 ttl=62 tos=0x00 srcmac=cc:ce:1e:b8:0b:6b dstmac=00:1f:29:03:5a:6c Then I connected a device to Fritzbox and tried to open 192.168.155.2:80 and firewall says: 192.168.150.102 : 51124 → 192.168.150.2 : 80 [SYN] len=60 ttl=64 tos=0x00 srcmac=fc:65:de:ad:aa:5e dstmac=00:1f:29:03:5a:6c I tried so many settings like setting up snat or network masqerade. I did try even firewall rule any network using any port to any networks but that didn't work as well. It drives me nuts. Let me know if I missed information to share. I do appreciate every help thank you in advance Simon EDIT:

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Port forwarding with Fritzbox as router

Simon Kallenbach over 5 years ago

Hello all, i am trying to forward a port (80) from internet to my IP cam.

Here is my network scenario

Device:

Fritzbox:

I did forward port 80 in Fritzbox, that seems to work. I forward 4444 to Sophos for testing and it worked. I could open Sophos Webgui on public ip.

Port Forwarding on FritzBox:

Here is my Firewall Rules on Sophos:

And

Actual tried with network Any instead of WAN but didn't work either.

Here my dnat rule

So what I have tried.

I tired to call my Ip address with port 80 and firewall log says:

19:23:49

Default DROP

TCP

91.67.X.X

53292

→

192.168.150.2

[SYN]

len=60

ttl=62

tos=0x00

srcmac=cc:ce:1e:b8:0b:6b

dstmac=00:1f:29:03:5a:6c

Then I connected a device to Fritzbox and tried to open 192.168.155.2:80 and firewall says:

192.168.150.102

51124

→

192.168.150.2

[SYN]

len=60

ttl=64

tos=0x00

srcmac=fc:65:de:ad:aa:5e

dstmac=00:1f:29:03:5a:6c

I tried so many settings like setting up snat or network masqerade. I did try even firewall rule any network using any port to any networks but that didn't work as well.

It drives me nuts. Let me know if I missed information to share.

I do appreciate every help

thank you in advance

Simon

EDIT:

This thread was automatically locked due to age.

0 LuCar Toni over 5 years ago

Hi,

as mentioned before.

Your DNAT Rule is not correct.

Simply replace Going to with your External WAN Address object.

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 5 years ago

Hallo Simon and welcome to the UTM Community!

Toni gave you the answer, but there are several things you should know...

Alone among the logs, the Firewall Live Log presents abbreviated information in a format easier to read quickly. Usually, you can't troubleshoot without looking at the corresponding line from the full Firewall log file. In the future, you will want to post the corresponding line(s) from the full Firewall log file.

See #1 in Rulz for troubleshooting advice. See #2 to understand the sequence of things an arriving packet passes through. See #3 through #5 for rules about routing and NAT rules. You will see mention of what Toni suggested.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel