• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1135
  • Last Modified:

Watchguard X700 Firewall - Configure Static NAT or Complete DMZ

Hi, I've got a voip application which needs either a Static NAT or a complete DMZ. Firewall is an old Watchguard X700 Firewall.

Can someone post a step by step to get the box to do DMZ to an internal machine. Statically map an external address to an internal for example.

We've done this as many times but it's just not working.

Thanks
0
binele
Asked:
binele
1 Solution
 
dpk_walCommented:
If you have a public IP which you would like to dedicate for the VoIP device so that WG would not do any
PAT, then configure 1-1 NAT as below:
http://watchguard.custhelp.com/app/answers/detail/a_id/1545/kw/1-1%20NAT%20configuration/session/L3NpZC9pTjd0dENhaw%3D%3D

Also, ensure that the public IP you have selected for 1-1 NAT was not previously added for static NAT forwarding by adding under external aliases:
http://watchguard.custhelp.com/app/answers/detail/a_id/1318/session/L3NpZC9pTjd0dENhaw%3D%3D

Finally create a service to allow traffic from external host/subnet to this 1-1 NAT public IP [or use ANY for testing purposes and then narrow down the service to fewer ports/protocols]; explained in the first article.

Please update.

Thank you.
0
 
bineleAuthor Commented:
Thank you. This was spot on.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now