1 Reply Latest reply on May 9, 2019 10:31 PM by jayh

    NV 3120 port forward from a specific public address

    etdiego New Member

      I have many units setup however due to security needs  I have customers wanting ports open only from specific Public IP addresses. How do I accomplish this in the CLI.

        • Re: NV 3120 port forward from a specific public address
          jayh Hall_of_Fame

          It's essentially the same as you would do for a port-forward from any external host, except your ACL has the allowed host IP in the source field.

           

          Scenario:

          Allowed external ip address 192.0.2.5

          External IP of router 172.16.1.5

          Internal SSH server 192.168.10.5

           

           

          ip access-list extended ssh-fwd-list

            permit tcp host 192.0.2.5 host 172.16.1.5 eq 22

           

          interface eth 0/1

          description WAN to Internet

          ip address 172.16.1.5 255.255.255.0

          ip access-policy Public

           

          ip policy-class Public

          nat destination list ssh-fwd-list address 192.168.10.5 port 22