Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Port Forwarding???? 1

Status
Not open for further replies.

mcell0042

Programmer
Mar 13, 2003
13
US
We have a web/mail server at our company. We recently got Security cameras that are up and running. Internally I can connect to the DVR by typing in the private IP (which is using port 80). When I'm outside my LAN and I type in our public IP address I get our website. I understand why but what can I do inside my Sonicwall to point the traffic to MY DVR and still have my webserver up.
 
You don't mention what Sonicwall you have, so assuming you have a public server wizard on your Sonicwall, use that to define a second instance of a web server using a second public ip address, and point that to the internal ip address of the dvr. This assumes you have more then one public ip address. If not, then you can use a different port on the single address to forward to the dvr internal ip address. So, for example, in the outside world you might have a url Then on the Sonicwall you set the second instance of the web server to listen on port 250 on the wan instead of 80, and point that to the dvr.
 
SonicOS Standard 3.1.5.0-2s. I don't see a Public server wizard. And yes I do Have more than 1 public address. I haven't seen anything inside of Sonicwall to set up a second IP Address...
 
Ok, with standard OS you may not have the wizard. Here are the steps to do it manually.

Server Address Objects:
1. create 'dvr private' assigned to LAN zone for ip address of the dvr.
2. create 'dvr public' assigned to WAN zone for some other public address you have available.

Server Service Group Object:
1. create 'dvr services' with http and https (if used) services.

Server NAT Policies
1. Create inbound Server NAT policy to rewrite packets to original destination 'dvr public' to tranlated destination 'dvr private'.
2. Create outbound Server NAT policy to rewrite packets from 'dvr private' to translated source 'dvr public'.
3. Create loopback NAT policy to allow access from all internal zones to the server at the new public address.

Server Access Rules
1. WAN>LAN Allow 'Any' to 'dvr public' for Service Group 'dvr services'

If you have any lower security zones, you might need to add those as well.

This should do it! As you can see, using the Public Server Wizard is a lot easier.

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top