Adtran
Help
Exciting News! Coming soon, our support community will have a new look and feel. There won't be any changes to your favorite features, but you can look forward to an exciting new experience. Stay tuned for more information!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Anonymous
Not applicable
‎05-09-2019 02:31 PM

NV 3120 port forward from a specific public address

Jump to solution

I have many units setup however due to security needs  I have customers wanting ports open only from specific Public IP addresses. How do I accomplish this in the CLI.

Labels (1)
Labels
0 Kudos
Reply
1 Solution

Accepted Solutions
jayh
Honored Contributor
Honored Contributor
‎05-10-2019 12:31 AM

Re: NV 3120 port forward from a specific public address

Jump to solution

It's essentially the same as you would do for a port-forward from any external host, except your ACL has the allowed host IP in the source field.

Scenario:

Allowed external ip address 192.0.2.5

External IP of router 172.16.1.5

Internal SSH server 192.168.10.5

ip access-list extended ssh-fwd-list

  permit tcp host 192.0.2.5 host 172.16.1.5 eq 22

interface eth 0/1

description WAN to Internet

ip address 172.16.1.5 255.255.255.0

ip access-policy Public

ip policy-class Public

nat destination list ssh-fwd-list address 192.168.10.5 port 22

View solution in original post

0 Kudos
Reply
1 Reply
jayh
Honored Contributor
Honored Contributor
‎05-10-2019 12:31 AM

Re: NV 3120 port forward from a specific public address

Jump to solution

It's essentially the same as you would do for a port-forward from any external host, except your ACL has the allowed host IP in the source field.

Scenario:

Allowed external ip address 192.0.2.5

External IP of router 172.16.1.5

Internal SSH server 192.168.10.5

ip access-list extended ssh-fwd-list

  permit tcp host 192.0.2.5 host 172.16.1.5 eq 22

interface eth 0/1

description WAN to Internet

ip address 172.16.1.5 255.255.255.0

ip access-policy Public

ip policy-class Public

nat destination list ssh-fwd-list address 192.168.10.5 port 22

0 Kudos
Reply