Solved

Forwarding single port to seperate machine ZyWall USG 50

Posted on 2011-03-15
7
3,889 Views
Last Modified: 2012-05-11
We set up a ZyWALL USG 50 on our network. We have everything being forwarded to the server on the network. However there is one port that we would like to forward to a separate machine on the network. Set up 1:1 NAT for the server and set up a second 1:1 NAT for the separate machine, but it still forwards to the server.
0
Comment
Question by:mjkisic
  • 4
  • 3
7 Comments
 
LVL 32

Accepted Solution

by:
it_saige earned 250 total points
ID: 35141499
Move the nat rule for the second machine in front of the nat rule for the server.  If the ACLs in the ZyWall are configured properly, then the rule for the second machine will be resolved before the rule for the server is resolved.

-saige-
0
 

Author Comment

by:mjkisic
ID: 35141614
Alright so we have two NAT's.
the first one is 1:1 NAT to the PC.
Interface: WAN1
Original IP (Static IP)
Mapped IP (Internal IP)
Protocol TCP

Second is,
1:1 NAT to the server
Interface WAN1
Original IP (static IP)
Mapped IP (Server Internal IP)
Protocol Any
0
 
LVL 32

Expert Comment

by:it_saige
ID: 35141655
That should be all you need.

Can you post your ACL's (remember to remove any personal/confidential information).

-saige-
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 

Author Comment

by:mjkisic
ID: 35141673
What specifically?
0
 

Author Comment

by:mjkisic
ID: 35141716
Priority 1 from WAN to LAN any user any source
destination (Internal computer)
service (TCP Port)
allow

Priority 2 from WAN to LAN
and user
source (any)
destination (internal server)
service "sharepoint services)
allow
0
 
LVL 32

Expert Comment

by:it_saige
ID: 35141955
That should be good.

-saige-
0
 

Author Comment

by:mjkisic
ID: 35142107
It didn't kick in until just now for some reason, but that worked. Thank you.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now