NAT-Rule-Configuration on a USG (Port Forwarding)

Deploying NAT-rules on a USG is a very commonly asked request in our support tickets. Hence, we created this video guiding through setting up a NAT-rule towards a NAS-device placed in the USG's LAN.

Walkthrough Steps
 
1. Open the web interface of your USG in a browser to access the configuration
2. Navigate to Configuration > Network > NAT
3. Create a new rule and add a fitting name.
4. If you want to access your NAS from WAN, please select “Virtual Server” as Port Forwarding Type
5. Select the incoming interface (WAN/WAN PPPoE interface or WAN trunk on your USG e.g.)
6. Create a new object by clicking on Create New Object > Address and add two objects for both your WAN IP and NAS IP
7. Set those objects as Original IP (WAN IP) and Mapped IP (NAS IP)
8. Select the Port Mapping Type (i.e. Port 50000)
9. Set Original Port and Mapped Port to 50000 (please see video for reference)
10. Save the rule by clicking “Apply”-Button
11. Create a new service object by navigating to Configuration > Object > Service. Add Port 50000 and name it as desired
12. Navigate to Configuration > Security Policy > Policy Control and add a new rule à From WAN to LAN, Destination NAS IP, Service NAS HTTP, Action Allow
13. Save the rule and now if possible, test the NAT rule from a different remote network. You should have access to your NAS via WAN

For a more detailed description please see our video:





KB-00007