dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1180
share rss forum feed

cpil

join:2012-10-29

QSEE DVR behind ZyWall USG 100

Hello, let me preface this by saying that I am very inexperienced in how port forwarding works in the first place but have been successful on other routers. However, trying to forward ports on the USG 100 has given me only headaches so far (the last router I did this on only required two fields of entry to do this), so I'm hoping some kind souls can help me out!

The DVR unit has an IP address of 192.168.1.10, and is set so that the HTTP port = 8080, and Server port = 6036. So, I'm trying to open up both of those ports (TCP & UDP?) on the ZyWall.

From another thread here, I read that the solution to forward ports was to...
"You have to
1) Create Object -> Address for your lan machine
2) Create Object -> Service for UDP/TCP 50132 port
3) Create Network -> Virtual Server for the service
4) Firewall rule for the service"

If the above is correct, I have a few questions still...

1) Do I enter address type as HOST? And input the IP address of my DVR?

2) I added 4 entries here, 1 each for the 4 ports I'm forwarding, both TCP and UDP, correct?

3) Is this under Network > NAT? If so, I am clueless on what to enter in any of the Mapping Rule section fields.

4) I also do not know how this works, or what to enter in each field...

So if anyone can take some time to help walk me through this process, I would greatly appreciate it.


Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:5
Correct
1 - address object host with IP 192.168.1.10

2 - Service object, Will need two, one for UDP and one for TCP
Also create a group object with both of these in it. (for firewall rule)

3 - port forward using Virtual Serverl
a. using NAT menu select add virtual server mapping type.
b. incoming interface usually WAN1
c. original IP - any
d. mapped IP - name of address object you created.
e. port mapping - service
f. name of port mapping object udp
g. name of port mapping object udp

create second rule only difference is f. and g. being tcp

dont enable loopback.

Now you need to make a corresponding firewall rule.

WAN to LAN

user-any, source-any, (unless you can narrow down external access to specific IP address or range), destination - name of address object, Service - group object that has both tcp and udp ports covered. Access ALlow
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"

LlamaWorks Equipment


Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON
kudos:11
Reviews:
·TekSavvy DSL
·Bell Fibe
reply to cpil
Do you want to make the DVD accessible from internet? Is it a good idea?
Quick googling tells me it's a security device. Establishing a VPN to USG100 and accessing that DVD through encrypted VPN without exposing it's port to internet is probably better solution if you need remote access.