XTM520 port forwarding (SNAT) problems


Limp Gawd
Sep 18, 2005
Never mind... Found out what was going on. I'm using GRC "shields up" port test and the router was blocking GRC from doing its scan. I have added the GRC ip to the exclude addresses and everything seems to be fine now.

I have acquired a Watchguard XTM 520 for a new router. Originally, I planned on loading it with pfsense and using it that way. However, I want to give the FirewareOS a run and see what it can do, and even with the primary paid services expired, the system still has quite a few features active. Still far more than your regular home/small office offering.

I already have my primary LAN machines and all the Wifi stuff separated. My wired stuff is on the "trusted" interface (192.168.0.x) and the wifi stuff is on the other interface (192.168.1.x). The wifi can also see a few services I'm running on my network as well. All good. Took some cobbling together to get local loopback working, but its working great and this router now completely setup for all my internal network needs.

However, there are a number of service & gaming ports Id like to open up on the internet for use that I am unable to open at all with either the integrated interface or with WatcGuard System Manager (WSM). I have found plenty of documentation on using Static NAT (SNAT) for creating routes and creating a firewall rule for them and they all deal with static external (WAN) ip addresses. I have a dynamic address. So the specifics are no good.

Attached are the current settings. I've tried all combinations of "Any", "External", "Any-External" etc. Anyone know how i can get this port open?
Last edited: