I have a time clock on my LAN - IP: x.x.x.9 - that I need to open port 4370 for UDP and TCP. I want to lock it down so only the public server from the company that is providing the service can use the port - but it isn’t working. What am I doing wrong? Any help would be great.
Do you actually need the port open? Could the traffic be part of your established or related chain instead? If you are “dialling out” to this company then you shouldn’t need this rule.
Can you do an export (hiding the addresses of course) so we can see and help?
Concur with Steve on seeing the config.
In general one needs an IP Firewall Filter rule to allow DSTNAT connections (forward rule) which covers all port forwarding rules.
Then you need to go to IP FIREWALL NAT rules to install the specific rules.
They should identify the incoming port, the incoming interface (WAN), [the source address (if one) or source address-list (if many) - this is optional but is better security], then the to-address (of your private server etc.) and To Ports if different from the incoming ports, plus the appropriate protocol of course.
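
A RouterOS sketch of the layout described in the reply above, added here as an example and not taken from any poster's configuration. The WAN interface name `ether1`, the vendor address `203.0.113.10`, the list name `timeclock-vendor` and the LAN address `192.168.88.9` are constructed placeholders; substitute your own values.

```routeros
# Constructed placeholders: ether1 = WAN, 203.0.113.10 = vendor server,
# 192.168.88.9 = time clock on the LAN. Replace with real values.

/ip firewall address-list
# An address-list lets you add more vendor addresses later without touching the rules
add list=timeclock-vendor address=203.0.113.10 comment="time clock service provider"

/ip firewall nat
# Forward port 4370 only when the packet arrives on the WAN from the vendor list.
# Without src-address-list, any Internet host could reach the clock.
add chain=dstnat action=dst-nat in-interface=ether1 protocol=tcp dst-port=4370 \
    src-address-list=timeclock-vendor to-addresses=192.168.88.9 to-ports=4370 \
    comment="time clock TCP 4370, vendor only"
add chain=dstnat action=dst-nat in-interface=ether1 protocol=udp dst-port=4370 \
    src-address-list=timeclock-vendor to-addresses=192.168.88.9 to-ports=4370 \
    comment="time clock UDP 4370, vendor only"

/ip firewall filter
# Replies to connections the LAN started ("dialling out") pass here,
# so no port forward is needed for that direction.
add chain=forward action=accept connection-state=established,related \
    comment="allow established and related"
# One forward rule covers every dst-nat port forward defined above
add chain=forward action=accept connection-nat-state=dstnat in-interface=ether1 \
    comment="allow port-forwarded connections"
# Everything else arriving new from the WAN is dropped
add chain=forward action=drop connection-state=new connection-nat-state=!dstnat \
    in-interface=ether1 comment="drop WAN traffic that was not dst-natted"
```

Filter rules are evaluated top to bottom, so the two accept rules must sit above the drop rule. The packet counters on the two NAT rules show whether the vendor's traffic is arriving from the address you listed.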