Watchguard port forwarding via SNAT


I have a problem with port forwarding on Watchguard.
What do I want? I need access from the Internet, via the public IP on a different port (let's say 9999), to Remote Desktop on a PC which is on the local network (Win 10).

What did I do?

  • I created a SNAT policy, where I chose External (with a certain IP address – my gateway-Watchguard public IP),
  • Internal IP Address – I set to my Win 10 PC on the local network (10.10.0.1)
  • I ticked the internal port as 3389 (RDP)

then,

  • I created a custom firewall policy with protocol TCP 9999
    and I used it where I set FROM (as my public IP where my whole traffic goes in and out), and TO I set as SNAT (public IP->10.10.0.1:3389)

Now, as I believe, all traffic which comes from outside my local network on port 9999 should be forwarded to 10.10.0.1 on port 3389?

But it's not working. I tried to connect via Windows RDP -> publicIP:9999 and nothing.

Any ideas what I am doing wrong?

Regards

Best Answer

To achieve port forwarding on Watchguard you need to:

  • create a SNAT (static NAT) policy with the proper External source,
  • set the Internal IP Address to your wanted PC (local IP) and tick a different internal port (3389 in the case of RDP),
  • create a custom firewall with any selected port and set FROM (as the wanted External source) and IN as that SNAT.

That means that all traffic which comes from the external source on the selected port will be redirected to your PC on the local network on port 3389 (RDP).

Be sure that you are not blocking those ports.
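
To narrow down where the publicIP:9999 -> 10.10.0.1:3389 path breaks, the checks below can be run on the Windows 10 PC and then from a machine outside the LAN. This is an added example, not part of the original question or answer; the script layout, the `-FromOutside` switch and the `203.0.113.10` address are placeholders chosen here, and the `Remote Desktop` rule group name assumes an English-language Windows install.

```powershell
# Added example (not from the original post): check each hop of the forward.
# On the Win 10 PC:          .\Test-RdpForward.ps1
# From outside the network:  .\Test-RdpForward.ps1 -FromOutside -PublicIp <firewall external IP>
param(
    [switch]$FromOutside,
    [string]$PublicIp     = '203.0.113.10',  # placeholder address, replace with your own
    [int]   $ExternalPort = 9999,            # port used in the custom firewall policy
    [int]   $RdpPort      = 3389             # internal port set in the SNAT action
)

if ($FromOutside) {
    # TCP handshake through the firewall; False means the policy/SNAT or the host drops it.
    $r = Test-NetConnection -ComputerName $PublicIp -Port $ExternalPort -WarningAction SilentlyContinue
    "TCP {0}:{1} reachable: {2}" -f $PublicIp, $ExternalPort, $r.TcpTestSucceeded
    return
}

# 1. Remote Desktop must be enabled on the PC (fDenyTSConnections = 0).
$ts = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' -Name fDenyTSConnections
"RDP enabled:            {0}" -f ($ts.fDenyTSConnections -eq 0)

# 2. The RDP service must actually be listening on the internal port.
$listen = Get-NetTCPConnection -LocalPort $RdpPort -State Listen -ErrorAction SilentlyContinue
"Listening on TCP {0}:  {1}" -f $RdpPort, [bool]$listen

# 3. Windows Firewall: enabled inbound Remote Desktop rules, their profiles and
#    allowed remote addresses. Static NAT rewrites only the destination, so the
#    connection arrives with the Internet client's source address; a rule scoped
#    to LocalSubnet, or enabled only for another network profile, will drop it.
$rules = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' }
if (-not $rules) {
    'No enabled inbound Remote Desktop firewall rules found.'
} else {
    foreach ($rule in $rules) {
        $addr = $rule | Get-NetFirewallAddressFilter
        "Rule '{0}': profile={1}, remote={2}" -f $rule.DisplayName, $rule.Profile, ($addr.RemoteAddress -join ',')
    }
}

# 4. Active network profile, to compare against the rule profiles above.
Get-NetConnectionProfile | ForEach-Object { "Active profile: {0} ({1})" -f $_.NetworkCategory, $_.InterfaceAlias }
```

If all local checks pass but the outside test still fails, the drop is happening before the PC, in the Watchguard policy or SNAT action.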
