UDP mapping (on R80.20)

Silly me. I tried to find the answer in Secure Knowledge or in some existing predefined service. But I could not find the answer.

I want to map a port on the firewall to a port on another server. (aka: my honeypot)

It's easy to clone http_mapped and do this for a TCP port. But I can't find an example for UDP.

So I did the next best thing and did a trial-and-error attempt:

  1. Clone http_mapped to my own service HoneyPot_SIP
  2. General
    1. Match By : Change from IP Protocol 6 to IP protocol 17
  3. Advanced
    1. Match: Change tcp to udp
    2. Match: Change dport=80 to dport=5060
    3. Action: Change 80 to 5060
    4. Action: Change to my HoneyPot IP address
  4. Publish and install policy

So far it seems to work just fine. Need to do some real capturing to see if the translation actually works.

0 Kudos
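One way to do the "real capturing" step above, as an added example that is not part of the original post: send a SIP OPTIONS datagram with a random Call-ID to the gateway on UDP 5060 and confirm on the honeypot that the same Call-ID arrives, along with the source address the honeypot sees. The script name `mapcheck.py`, the function names and the addresses are assumptions made for illustration.

```python
import socket
import sys
import uuid

SIP_PORT = 5060  # dport from the HoneyPot_SIP service in the post


def build_options(gateway_ip: str, call_id: str) -> bytes:
    """Minimal SIP OPTIONS request; the random Call-ID is the correlation marker."""
    lines = [
        f"OPTIONS sip:probe@{gateway_ip} SIP/2.0",
        f"Via: SIP/2.0/UDP 0.0.0.0:{SIP_PORT};branch=z9hG4bK{call_id[:16]}",
        "Max-Forwards: 70",
        f"From: <sip:mapcheck@example.invalid>;tag={call_id[:8]}",
        f"To: <sip:probe@{gateway_ip}>",
        f"Call-ID: {call_id}",
        "CSeq: 1 OPTIONS",
        "Content-Length: 0",
        "", "",  # blank line terminates the header block
    ]
    return "\r\n".join(lines).encode("ascii")


def send_probe(gateway_ip: str, port: int = SIP_PORT) -> str:
    """On an outside host: send one probe to the gateway and return its Call-ID."""
    call_id = uuid.uuid4().hex
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.sendto(build_options(gateway_ip, call_id), (gateway_ip, port))
    return call_id


def wait_for_probe(sock: socket.socket, timeout: float = 5.0):
    """On the honeypot: return (call_id, source_ip) of the next datagram, or None."""
    sock.settimeout(timeout)
    try:
        data, (src_ip, _src_port) = sock.recvfrom(4096)
    except socket.timeout:
        return None
    text = data.decode("ascii", errors="replace")
    headers = dict(l.split(": ", 1) for l in text.split("\r\n") if ": " in l)
    return headers.get("Call-ID"), src_ip


if __name__ == "__main__":
    if sys.argv[1] == "send":      # mapcheck.py send <gateway-ip>
        print("sent Call-ID", send_probe(sys.argv[2]))
    else:                          # mapcheck.py listen
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as srv:
            srv.bind(("0.0.0.0", SIP_PORT))
            print("received", wait_for_probe(srv, timeout=60))
```

The listener needs UDP 5060 free on the honeypot, so stop the honeypot's own SIP service for the test or compare the Call-ID against a packet capture instead.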
3 Replies

Curious why you wouldn’t use regular NAT rules for this (which is what I do).

0 Kudos

There are some side effects if you do NAT on the gateway itself.

The port mapping does not interfere with other traffic.

But it is also a matter of taste, I guess.

The point was more about documenting HOW to do it.

0 Kudos

I remember having done this a long time ago as well. There was some advantage NAT didn't provide back then.

However, keep in mind that any _mapped service won't be accelerated by SecureXL as mentioned by Tim.

0 Kudos