Solved

Forwarding single port to seperate machine ZyWall USG 50

Posted on 2011-03-15
7
3,949 Views
Last Modified: 2012-05-11
We set up a ZyWALL USG 50 on our network. We have everything being forwarded to the server on the network. However there is one port that we would like to forward to a separate machine on the network. Set up 1:1 NAT for the server and set up a second 1:1 NAT for the separate machine, but it still forwards to the server.
0
Comment
Question by:mjkisic
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 34

Accepted Solution

by:
it_saige earned 250 total points
ID: 35141499
Move the nat rule for the second machine in front of the nat rule for the server.  If the ACLs in the ZyWall are configured properly, then the rule for the second machine will be resolved before the rule for the server is resolved.

-saige-
0
 

Author Comment

by:mjkisic
ID: 35141614
Alright so we have two NAT's.
the first one is 1:1 NAT to the PC.
Interface: WAN1
Original IP (Static IP)
Mapped IP (Internal IP)
Protocol TCP

Second is,
1:1 NAT to the server
Interface WAN1
Original IP (static IP)
Mapped IP (Server Internal IP)
Protocol Any
0
 
LVL 34

Expert Comment

by:it_saige
ID: 35141655
That should be all you need.

Can you post your ACL's (remember to remove any personal/confidential information).

-saige-
0
Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

 

Author Comment

by:mjkisic
ID: 35141673
What specifically?
0
 

Author Comment

by:mjkisic
ID: 35141716
Priority 1 from WAN to LAN any user any source
destination (Internal computer)
service (TCP Port)
allow

Priority 2 from WAN to LAN
and user
source (any)
destination (internal server)
service "sharepoint services)
allow
0
 
LVL 34

Expert Comment

by:it_saige
ID: 35141955
That should be good.

-saige-
0
 

Author Comment

by:mjkisic
ID: 35142107
It didn't kick in until just now for some reason, but that worked. Thank you.
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question