jbcbussoft
asked on
How do I open ports on a Firebox x700
I have a watchguard firebox x700 that I need to open ports on. I have setup rules to that effect but when I use a port viewer it does show the port as available from the web. We no longer have support from Watchguard as the device is about 5 years old. Any help would be appreciated.
ASKER
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Will do tomorrow am.
ASKER
I removed the service and recreated it. The ports to be used are 80 1600 and 37260 - 37263. I added a tcp and udp line for each and all were set to ignore. I was told a port forward had to be setup. I read that static nat is the same as a port forward so I set up a external to internal nat on the service. Their (DVR company) support said to check for open ports using Canyouseeme.org. The only port it shows open is 1433. I tried MXToolBox.com and got similar results. What now?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sorry about the slow response but I was swapping over a Sql server yesterday. I changed the ip addresses to 'any ' and was able to 'see' 80 and 1600. 37260 and up weren't available. This appears to be what I need to begin to help figure out what is going on. I will post more today.
No problem; please post updates as this would help with further troubleshooting.
Thank you.
Thank you.
ASKER
Sorry about that I got side tracked. I will post the results later this evening.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The service was changed to any. This log file shows canyouseeme.org is being allowed. At least that is what I see. The only port that Canyouseeme.org shows as open is 80.
Log.txt
Port-check.txt
Log.txt
Port-check.txt
Would you be willing to post your xml config file here (of course without sensitive info where possible) ?
I would look at it and let you know why, if it is allowing the traffic now it sounds like a routing issue.
I would look at it and let you know why, if it is allowing the traffic now it sounds like a routing issue.
ASKER
Ok excuse my ignorance. What are my xml config files? I have the configuration files with a cfg extension. Are these the xml files?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Netstat doesn't show the server listening on these ports but the DVR isn't run through the server. It is connected directly to the firebox. So wouldn't the problem be then with the DVR?
Am not sure about DVR; but for canyouseeme to show ports as open there should be a socket listening to which it would connect and report the port as open.
So, the firebox is properly configured now; check with your remote site if they can connect; if not; then it has to do something with the DVR settings, which I would not be able to help with.
Thank you.
So, the firebox is properly configured now; check with your remote site if they can connect; if not; then it has to do something with the DVR settings, which I would not be able to help with.
Thank you.
ASKER
OK thanks!
ASKER
Alright here is the latest update. The DVR has been available most of the time. The problem was I was trying to view the website from within the LAN and I should have been trying from outside the LAN. :)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Do you mean it does NOT show port as available.
Can you please post sanitized screenshot, after ensuring that the steps you have taken are as below:
http://watchguard.custhelp.com/app/answers/detail/a_id/2029/kw/open%20ports/related/1
Thank you.