Skip to main content
Skyhigh Security

Configure Port Forwarding for Secure Web Gateway on a Hosted VM

Configure port forwarding rules to enable access to Web Gateway when it runs on a virtual machine that is hosted by a Windows 2016 Server.

These rules redirect:

  • Requests for accessing the Web Gateway interface under HTTP and HTTPS to ports 4711 and 4712
  • Web traffic that is to be filtered on Web Gateway to the 9090 proxy port

Ports with these numbers are by default not allowed for inbound traffic on Azure. So, the rules must be added to the settings on this portal.

  1. On the Azure portal, access the virtual machine that Web Gateway uses as its platform.
  2. Configure port forwarding rules for inbound traffic, using these values for the rule parameters:
    • Source: Any
    • Source port ranges: *
    • Destination: Any
    • Destination port ranges: 4711, 4712, 9090
    • Protocol: Any
    • Action: Allow
    • Priority: 330
    • Name: MWG_Ports
  3. On the Windows 2016 Server interface, open a Powershell.
  4. Run the following commands to add the port forwarding rules to the portal settings.
    The rules include the IP address of the virtual machine for Web Gateway.
    1. For port 4711:

      netsh int portproxy add v4tov4 listenport=4711 connectport=4711
      connectaddress=192.168.200.220

       
    2. For port 4712:

      netsh int portproxy add v4tov4 listenport=4712 connectport=4712
      connectaddress=192.168.200.220

       
    3. For port 9060:

      netsh int portproxy add v4tov4 listenport=9060 connectport=9060 
      connectaddress=192.168.200.220

Web Gateway can now be accessed from outside Azure. The IP address of the Windows 2016 Server and one of the interface ports or the proxy port must be submitted for this access:

<server IP address>:4711|4712|9060

  • Was this article helpful?