dslreports logo
    All Forums Hot Topics Gallery


how-to block ads

Search Topic:
share rss forum feed



QSEE DVR behind ZyWall USG 100

Hello, let me preface this by saying that I am very inexperienced in how port forwarding works in the first place but have been successful on other routers. However, trying to forward ports on the USG 100 has given me only headaches so far (the last router I did this on only required two fields of entry to do this), so I'm hoping some kind souls can help me out!

The DVR unit has an IP address of, and is set so that the HTTP port = 8080, and Server port = 6036. So, I'm trying to open up both of those ports (TCP & UDP?) on the ZyWall.

From another thread here, I read that the solution to forward ports was to...
"You have to
1) Create Object -> Address for your lan machine
2) Create Object -> Service for UDP/TCP 50132 port
3) Create Network -> Virtual Server for the service
4) Firewall rule for the service"

If the above is correct, I have a few questions still...

1) Do I enter address type as HOST? And input the IP address of my DVR?

2) I added 4 entries here, 1 each for the 4 ports I'm forwarding, both TCP and UDP, correct?

3) Is this under Network > NAT? If so, I am clueless on what to enter in any of the Mapping Rule section fields.

4) I also do not know how this works, or what to enter in each field...

So if anyone can take some time to help walk me through this process, I would greatly appreciate it.

Sarcastic Llama? Naw, Just Acerbic
Dartmouth, NS
1 - address object host with IP

2 - Service object, Will need two, one for UDP and one for TCP
Also create a group object with both of these in it. (for firewall rule)

3 - port forward using Virtual Serverl
a. using NAT menu select add virtual server mapping type.
b. incoming interface usually WAN1
c. original IP - any
d. mapped IP - name of address object you created.
e. port mapping - service
f. name of port mapping object udp
g. name of port mapping object udp

create second rule only difference is f. and g. being tcp

dont enable loopback.

Now you need to make a corresponding firewall rule.


user-any, source-any, (unless you can narrow down external access to specific IP address or range), destination - name of address object, Service - group object that has both tcp and udp ports covered. Access ALlow
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"

LlamaWorks Equipment

I hate Vogons
Burlington, ON
·TekSavvy DSL
·Bell Fibe
reply to cpil
Do you want to make the DVD accessible from internet? Is it a good idea?
Quick googling tells me it's a security device. Establishing a VPN to USG100 and accessing that DVD through encrypted VPN without exposing it's port to internet is probably better solution if you need remote access.