An internal routing table gives priority for different routing rules like remote login, DMZ, and port forwarding rules.

 

IMPORTANT: The first line of this table has the highest priority.

 

Default

By default, the DMZ and remote login are not active, and the CloudGate rejects all external IP traffic wanting access to the unit. This is also the reason why the WAN -> Local default policy is set to Reject in the firewall rules. In this case, the routing table looks like:

 

  • Reject everything

 

 

Remote Login Enabled

If remote login is enabled, you make a hole in this firewall at port 443. (Even when you do not enter “443” in the port list!). In this case, the routing table looks like:

 

  • Port 443 is open for HTTPS
  • Reject everything

 

TIP: These two lines are always at the bottom of the routing table.

 

If you add port 1800 in the remote login port field, both port 443 and port 1800 will be open. In this case, the routing table looks like:

 

  • Port 1800 is open for HTTPS
  • Port 443 is open for HTTPS
  • Reject everything

 

 

DMZ

The DMZ has a lower priority than the remote login and port forwarding rules, so activating the DMZ results in the next routing table:

 

  • Port 1800 is open for HTTPS
  • Send all incoming data to the address specified in the DMZ
  • Port 443 is open for HTTPS
  • Reject everything

 

 

Port Forwarding Rules

Adding port forwarding rules results in the next routing table:

 

  • Port 1800 is open for HTTPS
  • IP forwarding rule 1
  • IP forwarding rule 2+
  • Send all incoming data to the address specified in the DMZ
  • Port 443 is open for HTTPS
  • Reject everything