Create a Post
Showing results for 
Search instead for 
Did you mean: 

Portforwarding and internal networks

Hello @All,

I would like to enable port forwarding that works from the outside, even on the LAN. A mobile app that communicates with a service via the public address should be forwarded directly to the destination when the device is on the internal WLAN. The WLAN is on the same network. That is, requests to the public service port should be forwarded directly to the internal server. Unfortunately, I have not been able to figure out how to accomplish this. All attempts have failed so far.
OrgSrc: <networkname>
OrgDest: <public IP>
OrgSrv: <serviceport>
TrlSrc: Original
TrlDest: <server with the service>
TrlSrv: original (and alternatively serviceport).

In our CP FW 1530, 2 networks (switches) are defined. There is a NAT rule for each of these networks, since otherwise no Internet access is possible via the global parameter (NAT on). For this reason, the following NAT rule was created for each network:
OrgSrc: <networkname>
OrgDest: Any
OrgSrv: Any
TrlSrc: <public IP>
TrlDest: Original
TrlSrv: Original

How can I realize this feature?

Thanks for any suggestions


0 Kudos
3 Replies

The correct way to do this is to create a server object (not a NAT rule).
And yes, there is a specific option in the server object to support the use case you’re describing.

0 Kudos

A server object is existing. (Why do I've to define a port instead of a service object?) This object is working fine for external requests of the mobile device, but not for internal requests, while the requests are using the public IP. Access for all zones is activated.
NAT settings: Hide behind gateway
Advanced: Force translated traffic


Server objects require defining the specific ports.
Regardless, I can confirm this is not working as expected.
Recommend opening a TAC case.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events