[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3447
  • Last Modified:

Port Forwarding on XTM 23 Series

I have extensive experience with Sonicwall setups.

I recently acquired an XTM 23 Series Firebox to replace my Sonicwall.  Firmware on the Firebox is 11.4.2

What are the steps to setup Port Forwarding?

Example:  From the internet, I want to be able to remote in to my Firebox using RDP Port 3392 to an internal Address of

I did setup a New Firewall Policy and told it to Accept from Any-External but wasn't sure on how to setup the To section.

Do I need to setup a Rule under SNAT for each Port Forward?
  • 4
  • 2
1 Solution
j4piperAuthor Commented:
XTM 23 Series - Firmware 11.4.B306888
You setup a new rule
then say;
from: external or any-external
To: --> Add  NAT --> make nat from external to internal IP

you don't need a new rule for each forward, if you want to forward several ports to one and the same server from the same external, you can do either:

-make 1 big rule with all protocols in it
-make a snat and reuse it in the other rules
j4piperAuthor Commented:
I understand what you are saying but I need guidance on where to do this in the Firebox Web UI?

Thank you.
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

To Enable RDP and forward through to an internal IP address:
- Login to your WatchGuard's WebUI
- Go to Firewall > Firewall Policies
- Select your Firewall Policy and Click Edit
- Ensure your Policy Type is RDP
- In the From area confirm that it says Any-External
- In the To area Remove anything in there currently
- In the To area Click Add
- In the Member Type drop down menu, select static NAT
- Select your External Address from the drop down menu
- In the next field, type in the internal IP address and then Click OK
- Click Save in the Main Policy Screen
- Test it out
j4piperAuthor Commented:
hello there.

here is a screenshot of what i was interpreting from your email.

is this what you were thinking of?

that is correct
j4piperAuthor Commented:

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now