bocaray Posted July 20, 2011 Posted July 20, 2011 Does anyone have any information on how to get external internet access to the ISY-99 thru a Watchguard Firebox Edge? I'd like to control the ISY-99 using the internet when I am not home. Information is very sparse and incomplete.
Michel Kohanim Posted July 20, 2011 Posted July 20, 2011 Hello bocaray, Please read the following article: http://www.watchguard.com/infocenter/ed ... 135177.asp At the bottom they have instructions for setting up NAT 1:1. With kind regards, Michel
bocaray Posted July 20, 2011 Author Posted July 20, 2011 Thanks. It still seems a little above my network knowledge but I'll give it a shot.
bocaray Posted July 27, 2011 Author Posted July 27, 2011 Finally got it to work but am concerned. Maybe I shouldn't be. I was able to allow TCP port 443 to be open and can now access my ISY-99i using "https://xxx.xxx.xxx.xxx/admin" Since this uses 443 port does this make me very open to hacking? I can't seem to find a method to forward say port 60000 to port 443 and make it a little safer. Should this be a concern or am I being too cautious? Opinion welcome.
Michel Kohanim Posted July 28, 2011 Posted July 28, 2011 Hello bocaray, Personally, I would use a different public port. I have not yet seen a router that does not allow different public-to-private port mapping. Are you certain it cannot be done on your router? Alternatively, you can change the HTTPS port on ISY to some other port (say 8443) and then do 8443 to 8443 (this can be done on Configuration | System | Network section of Admin Console). Once you do that, then your URL would be https://your.remote.ip.address:8443 (or some other port). With kind regards, Michel
io_guy Posted July 28, 2011 Posted July 28, 2011 Personally, I would use a different public port. I have not yet seen a router that does not allow different public-to-private port mapping. Are you certain it cannot be done on your router? Kind of coincidence, I would have thought all suported this as well but I just bought a new Netgear yesterday and it does not. The router feature you're looking for is called Virtual Server or its real name is PAT (Port Address Translation). In order to get it on my Netgear, I had to hack it with the 3rd party DD-WRT firmware.
bocaray Posted July 28, 2011 Author Posted July 28, 2011 Ok. Changed to port 8443. As for routers that don't forward Public-to-private, you might want to check out the Watchguard Firebox x Edge. Seems getting any info is like pulling teeth. It may have this feature, but I can't find it or any info on "how to". Anyway, thanks for the help. It's now at https://xxx.xxx.xxx.xxx:8443/admin and works fine.
Recommended Posts