Forwarding port 80

N

NOLACop

Baseband Member
Messages
88
Location
New Orleans
I have several servers that I try and administer. I say try because I have no formal computer training. I teach myself networking based on what I am trying or need to do for work. Currently I have 5 servers in a rack behind a Sonicwall Pro 2040. I have a static IP to access various systems on my network, Currently I have a CCTV system with 3 DVR's set up with internet access, I have a crime camera IP network runing with Milestone systems. I recently installed a Watchdog 100 server environment monitor. Right now the only way I can check the Watchdog is to start my VPN and use the IP address on the LAN because the Watchdog does not have the option of applying a specific port. It is set by default to port 80.

Here are my questions:

1. Is there a way to tell how many things are coming into the LAN from the WAN on port 80?

2. Is it possible to forward port 80 to a specific IP address on my LAN?

I do not run any web or email servers from my network. The servers are used for storing video databases, report databases, providing WAN access to the Crime camera and CCTV cameras.

Thanks
 
the sonicwall should be able to do this. check for connections monitor tab in its ui to see connetcion info. also, lookup how to add a nat policy. this will allow you to forward a port.
 
I know how to create a service and forward the port and making NAT policy, but if there are several things using port 80 that I am not aware of, I don't want to forward port 80 to my Watchdog and have all inbound traffic using port 80 go to the watchdog. I am not the only person who has worked on the network. I didn't set up the IP camera network or configure the DNS or DHCP or the firewall so Im not 100% sure what is coming in on port 80. I assume it will mess up whatever was using port 80 in the first place and possibly mess up the watchdog also. And I wasn't completely sure if you could even forward port 80 since its the default port for all web traffic.
 
While I am not at all familiar with that Sonicwall device, or its capabilities, you should be able to map port 80 on the watchdog to any port on the WAN side that you want.

An example I have for you, is my own home network. I have a NAS (Network Attached Storage) box on my LAN which has a web & FTP server and other things on it. The web server is currently set for port 80, and that is the WAN port I have it mapped to. Lets say when my daughters 1st birthday rolls around next month, I want to post up a gallery with all of the photos from the birthday for my family, but I don't want it to sit out on port 80 for just anyone to see, I could map port X on the WAN side, to port 80 of the LAN address 192.168.1.72 for my NAS box.

you could map several LAN devices which use port 80 to various ports on the WAN side.


Example:

Code: 
Server              Wan address     Port               Lan Address    Port 
Cameras              10.1.1.1       1000               192.168.1.10    80
FTP web config       10.1.1.1       2000               192.168.1.20    80
media server         10.1.1.1       3000               192.168.1.30    80
File storage         10.1.1.1       4000               192.168.1.40    80
Radios               10.1.1.1       5000               192.168.1.50    80

http://10.1.1.1:1000 - would take you to the camera server externally

Hope that makes sense.
 
Last edited:
I can not change the port on the Watchdog. It is permanently on port 80. The more expensive appliances allow you to change the port but not mine. I understand I can tell the sonicwall to route traffic from my static ip on the WAN side (70.167.xxx.x:80) to my appliance (192.168.xx.xxx:80) on the LAN side. But how do I configure the firewall to only allow traffic intended for the watchdog to access the appliance? If there are other things coming into the firewall via the static IP over port 80, would't it direct all port 80 traffic to the watchdog?
 
The thing you are missing is that just because the DESTINATION port on the watchdog hardware is port 80 does NOT mean that the traffic coming into the firewall from the WAN side has to be on port 80.

Here is a link to a list of TCP and UDP port numbers. Choose a port number which is above the range of registered port numbers. The range to choose from would be 49152–65535.

List of TCP and UDP port numbers - Wikipedia, the free encyclopedia


For example.......

Set up your sonicwall so that port 50001 on the WAN side is mapped to port 80 on the LAN side.


So.... (70.167.x.x:50001) maps to (192.168.x.x:80)
 
Is there a way to secure the connection. I completed the forwarding but now anybody that knows my static IP address can get into the Enviornment monitor. I am going to change the port on the WAN side but that still doesn't make it secure.
 
It only requires a username/ password to access the config settings. Anyone with the IP address can go in and change sensor names, alarm parameters, etc. And I don't think the model I have supports https.

Is there a way to config a password to access anything coming in on the WAN side no matter where it is being directed or maybe require a password for specific ports coming in from WAN on the static IP?
 
office politics said:
i would think watchdog would require a user // pass to login.

does watchdog support https?
Click to expand...

I checked the documentation that came with the appliance and the Watchdog 100 DOES support HTTPS. Is there something supecial I need to do on my firewall to configure this? I see no difference in the settings on the watchdog for confuguring HTTPS vs. HTTP.
 
You must log in or register to reply here.

Similar threads

I
Greetings, new here!
Replies
2
Views
539
grantheo
grantheo
M
How to control Siemens LOGO PLC through mobile network (4G, 5G...)?
Replies
1
Views
947
Antonio Turner
A
R
Help for my homelab
Replies
1
Views
588
PP Mguire
PP Mguire
S
Home network dropping
Replies
0
Views
759
Spud5437
S
P
Synology Access & Troubleshooting
2
Replies
10
Views
1K
PP Mguire
PP Mguire
Back
Top Bottom