Meraki

Community

port forwarding in Meraki go Firewall not working

markfit1
Comes here often
‎Sep 16 2024 2:45 PM
‎Sep 16 2024 2:45 PM

port forwarding in Meraki go Firewall not working

Hi All,

so ive put in a new Meraki GO FW and all works great however i now need to have my external phone supplier access there system from inside the FW on the LAN so in port forwarding i setup the rule for TCP on Port 7088 (the one they need) and there specific external IP (although also tried open from any IP) and still cant get into the system behind the FW and i thought this would be simple as the Meraki GO is very basic but has now wrecked my head and wondered am i missing somthign very simple here ?

 

any advice be appreciated 

thanks 

Mark

0 Kudos
8 Replies 8
Xydocq
A model citizen
‎Sep 16 2024 9:59 PM
‎Sep 16 2024 9:59 PM

hello @markfit1 

 

I've many forwarding rules and they work perfectly fine.

 

When you set up the rule, does it look like that?

 

Bildschirmfoto_17-9-2024_64957_web.meraki-go.com.jpeg

 

I find it useful to select the Network the device is on first, before adding a forwarding rule. Not sure if that's truly required, it's just how I do it.

 

I add the Allowed Public IPS after creating the rule.

 

The Device you want to forward the port to needs to have a static local IP.

 

hope this helps

0 Kudos
In response to Xydocq
markfit1
Comes here often
‎Sep 17 2024 1:51 AM
‎Sep 17 2024 1:51 AM

Hi Xydocq,

 

thanks for your reply and ive done it the exact same way as i dont see any other way to do it .. then externally im trying the Public IP:7088 and nothing 

markfit1_0-1726562980124.png

 

regards

Mark

 

0 Kudos
Xydocq
A model citizen
‎Sep 17 2024 8:40 AM
‎Sep 17 2024 8:40 AM

ok.

 

how do you test if the Port gets forwarded?

 

on Windows use Windows Powershell the command is test-netconnection ip-address -port 7088

 

test.png

 

Looks like you can use the local IP of the GX to verify if a port is open or not.

 

Next thing to check: The software runs on a pc? If yes, does this pc have a firewall installed that will block incoming traffic?

 

I had to set rules on my windows machines to accept traffic from a different vlan. Took me a while to figure out why I was able to ping the printer on the other vlan but not the pc.

 

hope this helps

0 Kudos
In response to Xydocq
markfit1
Comes here often
‎Sep 17 2024 10:03 AM
‎Sep 17 2024 10:03 AM

Hi Xydocq,

 

yes this will only work internally but does pass for port 7088 and port 5003, this is a internal phone switch so no PC but i can easily access this via a browser in the internal network. if i use the same method using the external public IP it fails i dont get any response,

 

thanks for your help 

 

kind regards

Mark

 

 

0 Kudos
In response to markfit1
Xydocq
A model citizen
‎Sep 17 2024 10:36 AM
‎Sep 17 2024 10:36 AM

Can you name the Phone provider, please?

0 Kudos
In response to Xydocq
markfit1
Comes here often
‎Sep 17 2024 10:41 AM
‎Sep 17 2024 10:41 AM

its a supplier here but this is the system .. however it did work fine (externally) before i put in the Maraki GO 😞

 

 

markfit1_1-1726599187049.png

 

 

0 Kudos
In response to markfit1
Xydocq
A model citizen
‎Sep 17 2024 11:38 AM
‎Sep 17 2024 11:38 AM

This is strange behaviour.

 

I added a new rule to access the webGUI of a NAS over the internet on my GX20 and it worked right away. There has to be something else blocking the request.

 

When you try to access the GUI over the internet, what is the error message you see on your browser?

0 Kudos
In response to Xydocq
markfit1
Comes here often
‎Sep 17 2024 11:56 AM
‎Sep 17 2024 11:56 AM

yes i agree and would assume it would have been a simple enough task and has proved otherwise 😞 if i pput in the external IP it just sits there and returns no error sadly just saying the site cannot be reached 

 

Mark

 

 

 

0 Kudos
Get notified when there are additional replies to this discussion.
© 2024 Cisco Systems, Inc.