![]() where to start.Ok, first off DO move HTTPS Management to some other port. Check the log to make sure that your packets aren't being dropped for other reasons (e.g. Use the packet monitor on the SonicWALL to capture packets when you are hitting the service from your hotspotĤ. Ensure that your address objects are in the correct zonesģ. This will let you know if packets are actually hitting the rules.Ģ. Check the hit counters next to your NAT policy and Access Rule to verify that they are incrementing when you hit the services from your hotspot. Or possibly, look at the precedence of the NAT rules to make sure that your newest rules are highest on the list.ġ. 80, 443) since, I believe NAT operations happen before the access rule operations.Įdit: Yeah, actually, it occurs to me that you may need to change your SonicWALL's management ports to something other than 80 and 443 even if you are doing port redirection. You may need to allow the original service port (e.g. ![]() Though, you may want to try allowing "Any" for the service on your access rule for testing. That said, it sounds like your are doing the right things as far as the NAT policy and the Access Rule. I would highly recommend using a VPN or, at least, an SSH tunnel to access services on your LAN, especially unencrypted channels like HTTP. What am I missing? There are no other ports forwarded, these that I'm trying to open are the only ports.įirst of all, I have to say that having your DVR accessible on the public internet is not a good idea. There is nothing in the logs whatsoever about blocked access, the policies' RX/TX counters are counting when I try to browse to the web server externally. I gave it that port and the local IP address of the web server, and it created NAT and Access policies, but that port is also still closed to the outside world. I set the web server to use port 12767 instead of port 80. I had a thought that maybe the DVR was blocking traffic due to the traffic coming from the WAN, and so I set up a simple web server on a PC instead, and created the same policies on the SonicWall for it using the Everything is fine and accessible locally. Still, the external ports are closed according to online port checker tools. Create 3 Access Rules for each port (I also tried creating one policy using a Service Group, no dice)įrom Zone=WAN, To Zone=LAN, Priority=1, Source=Any, Destination=Public WAN IP, Service=(81, 444, 554), Action=Allow, Users Included=All, Users Excluded=None Create 3 NAT policies for each port (I also tried creating a Service Group, no luck) - Source Original=Any, Source Translated=Original, Destination Original=Public WAN IP, Destination Translated=172.16.16.247, Service Original=port 81, 444, 554, Destination Translated=HTTP 80, HTTPS 443, RTSP 554 The articles and videos I've looked at tell me to do the following, which I've done. I was wanting to use 81 and 444 externally to not interfere with the SonicWall management interface, so I created new service objects for those ports. I have forwarded ports lots of times in the past, so I'm not new to this stuff. I've watched SonicWall tutorials, read articles, searched these forums, and also went through the Public Server Wizard to set up Port Forwarding, but nothing works. Click OK to add the serviceħ.Hi all, I'm trying to enable port forwarding on a SonicWall TZ 300 to allow external access to a no frills camera DVR box. Enter a Name for the custom service, Choose the Protocol (Usually TCP) and Enter the Port. ![]() In the Server Type field, choose Other and choose Create New Service. under ServicesĦ. The wizard will complete able to access the server from outside the internal network by using the public IP address (or A Record if you have one configured).ĥ. Verify that the information is correct, and click Apply Verify that the public IP Address listed is correct (Defaults to the SonicWALL’s WAN Interface IP) or change it to another accessible public IP and click NextĨ. Enter the Name and IP Address of the server you are directing traffic toward and fill out a Comment (Optional). ![]() Note: I will detail adding a custom service at the end of this guideĦ. In the Configuration Wizard window, select Public Server Wizard and click Next In the top Right corner, locate and click the Wizards buttonĤ. Enter your Username and Password to log into the firewall’s web interfaceģ. Open a web browser (Chrome or Firefox is preferred) and navigate to your SonicWALL’s Internal IP AddressĢ. This guide will show you how to forward ports using the Public Server Wizard in SonicOS Enhanced. If you are hosting any type of server in your network that needs to be accessed outside of the network, like for example a Web Server, E-mail Server or FTP Server, you will want to create a port forwarding rule to point the traffic to the necessary server and allow the traffic through the firewall.
0 Comments
Leave a Reply. |