It took me longer than I’d like to admit to figure out how to do a simple task like open ports so that external networks can reach my internal devices.
For each service that you’d like to publish to the web, you need to go through the steps below. The following example sets up Remote Desktop:
- Create a new Service (Core->Network->Services)
  - Name your service (RDP) and specify the port that it will run on (port is 3389)
- Add Service in Packet Filter – External Networks to Zentyal (Gateway->Firewall->Packet Filter)
  - Explanation: This allows traffic through the firewall to Zentyal.
  - Source (specify an IP address or MAC address or select ANY to allow traffic from any source)
  - Service: Select the service we previously created (RDP)
  - Put a description if you’d like, and press Change.
- Add Port Forward (Gateway->Firewall->Port Forwarding)
  - Explanation: This instructs Zentyal how to direct the traffic and to where.
  - Press Add New
  - Choose Interface
  - Original Destination: Usually Zentyal
  - Original Destination Port: 3389
  - Source: Any
  - Destination IP: The IP of the RDP host
  - Port: Same
  - Replace source address: Not necessary for most applications (leave unchecked)
- Save changes
- Apply changes
That should cover most of what you need to set up a basic service like RDP. If you want to do Port Address Translation, you can do so in the port forwarding section by changing the Original Destination Port and the Port (if applicable).
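To review what the steps above actually published, the following added example (not part of the original post, and not Zentyal's own code) lists the port forwards on the gateway and flags those reachable from any source. It assumes the forwards show up as DNAT rules in the nat table of `iptables-save` output; the sample dump, addresses and chain names are constructed.

```python
import shlex
import sys

# Constructed sample of `iptables-save` output (not from a real Zentyal host;
# chain names on a real gateway may differ).
SAMPLE = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.1.10:3389
-A PREROUTING -s 203.0.113.0/24 -i eth0 -p tcp -m tcp --dport 2222 -j DNAT --to-destination 192.168.1.20:22
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
"""

def opt(tok, *names):
    """Return the value following the first of `names` present in a rule, else None."""
    for name in names:
        if name in tok and tok.index(name) + 1 < len(tok):
            return tok[tok.index(name) + 1]
    return None

def parse_forwards(dump):
    """Return one dict per DNAT rule in the nat table of an iptables-save dump."""
    forwards, table = [], None
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("*"):          # "*nat", "*filter", ... starts a table
            table = line[1:]
        elif table == "nat" and line.startswith("-A "):
            tok = shlex.split(line)
            if opt(tok, "-j") != "DNAT":
                continue
            src = opt(tok, "-s", "--source")
            forwards.append({
                "chain": tok[1],
                "source": src or "any",
                "dport": opt(tok, "--dport", "--dports"),
                "to": opt(tok, "--to-destination"),
                # iptables-save omits -s when the rule matches every source
                "open": src in (None, "0.0.0.0/0"),
            })
    return forwards

def open_forwards(dump):
    """Forwards with no source restriction (the 'Source: Any' case)."""
    return [f for f in parse_forwards(dump) if f["open"]]

if __name__ == "__main__":
    dump = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for f in parse_forwards(dump):
        flag = "OPEN TO ANY" if f["open"] else "restricted"
        print(f"{flag:12} port {f['dport']} -> {f['to']} (source {f['source']})")
```

On the gateway, pipe the real rules in with `sudo iptables-save | python3` followed by the script name; with no piped input it runs on the constructed sample.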
Great write-up and still applicable in the latest community version of Zentyal. The VPN is even more complicated.