We have a WatchGuard XTM510 firewall and it is behind a Time Warner Telecom AdTran unit which provides our VOIP services. According to TW they say there is no nat enabled so any requests coming through goes straight to the WatchGuard. We are working with WatchGuard on this but they are slow to respond as they designate a single tech to your case all of the time, that's good and bad. But in any case, we've followed their instructions to a T and the port forwarding is just not working.
On the external interface is a private IP because of the AdTran being in front of the WatchGuard.
So AdTran has 192.168.2.1
WatchGuard is 192.168.3.1
We setup the policy using policy manager and it looks like any-external (from) any-external --> 192.168.3.x which is the security camera setup with ports of 8001, 8081 and 8554 open.
Using an outside computer attempting to connect to their static public IP address and using those ports do not work. There is also a few other port forwards for SSH access but that too does not work.
I look at the static routes page and I can see static routes from 192.168.2.1 which is the gateway and the route to is 192.168.4.0/24 but I don't see anything for 192.168.3.0/24 and was wondering if that's why the port forwarding is not working.
Another thing is another team member swapped out the WatchGuard for a basic Linksys router and was able to port forward successfully.