Forwarding a port range

andyh · ‎03-29-2012

Hi, I' ve been trying to get this right and have been pulling my hair out :) I need to forward a range of ports to a single IP internally. I' ve tried doing this by VIP. I' d like to forward on for example, ports 12690 to 12700 inclusive to the same ports internally on 1 IP on the LAN. I' ve created a custom service with TCP low 12690 and high 12700 for source and 12690 low and 12700 high for destination. I' ve created a VIP with the correct external IP and internal IP, ticked port forwarding then had a problem, I can only type one port in for external port, the box to the right hand side is greyed out. So I typed in just 12690. Same for map top port underneath. I then created a policy from wan to internal with the VIP as destination and the custom service 12690 to 12700 tcp range I added earlier set to accept always. Unfortunately it doesn' t seem to be working. Any idea what i' ve done wrong here? Or maybe this is only possible from command line?

jmac · ‎03-29-2012

Creating a custom service is optional when using port forwarding with a VIP as the VIP settings will filter the ports used. You could just select ANY in the Service selection in the Firewall Policy. If you want to assign a custom service, you will need to change the source ports for the custom service to the default of 1-65535 since most conections originate from random port numbers. You only want to control the destination ports. To set a port forwarding range in the VIP, assign the starting port for the External Service Port and the start and end port range on the " Map to Port" line; the external service port range will be set based on the internal range defined. This is the case for firmware versions 4.2 and lower; as of 4.3, the range is set on the External Service Port line instead.

andyh · ‎03-29-2012

Ok, I' ll give the second line a try. Many thanks jmac :)

Forwarding a port range

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website