I Need To Make A Change With My IT Support! Call (225) 706-8414

How to Forward a Port to a Server via the Watchguard Firebox

You have a server providing a service (e.g., SMTP) and need your Firebox firewall to pass traffic to it.


There are two steps to this. First, you create an SNAT rule and, second, you create a firewall policy to map that rule to a port on the firewall.

First, setup port forwarding, which Watchguard calls SNAT.

  1. Click on Firewall->SNAT.
  2. Click Add.
  3. You will land in the SNAT configuration page.
  4. For Name, enter SMTP to Exchange.
  5. Click Add.
  6. Choose External.
  7. For Internal IP Address, enter the LAN IP of your Exchange server.
  8. Click Ok.
  9. Click Save.
Second, setup our firewall policy to use the SNAT rule:
  1. Click Firewall->Firewall Policies.
  2.  Click the Plus sign on the far right.
  3. In Select a Policy Type, choose Packet Filters->SMTP. Notice that choosing this policy type will set the Policy Name. You can change the Policy Name if you’d like.
  4. Click Add Policy.
  5. The Policy will be created and you will land in the Policy Configuration page.
  6. In the From, click Any-Trusted and click Remove.
  7. In the From, click Add.
  8. Set Member Type to Alias and choose Any.
  9. Click Ok.
  10. In the To, click on Any-External and click Remove.
  11. In the To, click on Add.
  12. Set Member Type to Static NAT and click the SNAT rule we created earlier.
  13. Click Ok.
  14. Scroll to the bottom of the Policy Configuration page and click Save.


Concerned About Cyber Attacks?


Want to Migrate to the Cloud?

Office 365

Ready to Experience Microsoft Office 365?

Want the latest IT news directly in your inbox? Subscribe now!