Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

External IP to optional port

External IP to optional port

External IP to optional port

I have a watchguard x750e I have 24 or so address given to my from my ISP I have some of them applied to the external nic as secondary address's I want to give a server an external ip can I use one of the optional interfaces for that?

Thanks for any help you can provide.

RE: External IP to optional port

Of course.

So if you want to create a DMZ on an optional port for your server, you then use 1 to 1 NAT (under NAT) to assign one of your IPs to that device.

Then in your policies, create the appropriate rules to allow traffic either from the outside in such as Web (policy would be Any external to your public IP you assigned under NAT) and also rules from trusted to optional. careful there though. if your intention is to snadbox say a web server then only allow traffic to gain access to your web server. The intention might be to isolate your trusted from your public services. This is called network segmentation.

General Geek

RE: External IP to optional port

P.S - time to retire that x750e. I would be inclined to replace it with an XTM 330 or 500 series depending on budget.

General Geek

RE: External IP to optional port

So in the config for optional interface do I need to add the external address? or leave it as a secondary address on the external interface.

I follow you on the one to one config the above portion im a bit confused about.

thanks for your help.

RE: External IP to optional port

No, if your server is already on your trusted network, remove the secondary IP off the external and add it into 1 to 1 NAT

The apply policies as required.

no need to configure optional ports

General Geek

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close