We have a web/mail server at our company. We recently got Security cameras that are up and running. Internally I can connect to the DVR by typing in the private IP (which is using port 80). When I'm outside my LAN and I type in our public IP address I get our website. I understand why but what can I do inside my Sonicwall to point the traffic to MY DVR and still have my webserver up.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Port Forwarding???? 1
- Thread starter mcell0042
- Start date
-
1
- #2
You don't mention what Sonicwall you have, so assuming you have a public server wizard on your Sonicwall, use that to define a second instance of a web server using a second public ip address, and point that to the internal ip address of the dvr. This assumes you have more then one public ip address. If not, then you can use a different port on the single address to forward to the dvr internal ip address. So, for example, in the outside world you might have a url Then on the Sonicwall you set the second instance of the web server to listen on port 250 on the wan instead of 80, and point that to the dvr.
- Thread starter
- #3
Ok, with standard OS you may not have the wizard. Here are the steps to do it manually.
Server Address Objects:
1. create 'dvr private' assigned to LAN zone for ip address of the dvr.
2. create 'dvr public' assigned to WAN zone for some other public address you have available.
Server Service Group Object:
1. create 'dvr services' with http and https (if used) services.
Server NAT Policies
1. Create inbound Server NAT policy to rewrite packets to original destination 'dvr public' to tranlated destination 'dvr private'.
2. Create outbound Server NAT policy to rewrite packets from 'dvr private' to translated source 'dvr public'.
3. Create loopback NAT policy to allow access from all internal zones to the server at the new public address.
Server Access Rules
1. WAN>LAN Allow 'Any' to 'dvr public' for Service Group 'dvr services'
If you have any lower security zones, you might need to add those as well.
This should do it! As you can see, using the Public Server Wizard is a lot easier.
Server Address Objects:
1. create 'dvr private' assigned to LAN zone for ip address of the dvr.
2. create 'dvr public' assigned to WAN zone for some other public address you have available.
Server Service Group Object:
1. create 'dvr services' with http and https (if used) services.
Server NAT Policies
1. Create inbound Server NAT policy to rewrite packets to original destination 'dvr public' to tranlated destination 'dvr private'.
2. Create outbound Server NAT policy to rewrite packets from 'dvr private' to translated source 'dvr public'.
3. Create loopback NAT policy to allow access from all internal zones to the server at the new public address.
Server Access Rules
1. WAN>LAN Allow 'Any' to 'dvr public' for Service Group 'dvr services'
If you have any lower security zones, you might need to add those as well.
This should do it! As you can see, using the Public Server Wizard is a lot easier.
- Status
Similar threads
- Locked
- Question
- Locked
- Question