cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
New Contributor

NV 3120 port forward from a specific public address

I have many units setup however due to security needs  I have customers wanting ports open only from specific Public IP addresses. How do I accomplish this in the CLI.

Labels (1)
0 Kudos
Reply
1 Reply
Highlighted
Honored Contributor
Honored Contributor

Re: NV 3120 port forward from a specific public address

It's essentially the same as you would do for a port-forward from any external host, except your ACL has the allowed host IP in the source field.

Scenario:

Allowed external ip address 192.0.2.5

External IP of router 172.16.1.5

Internal SSH server 192.168.10.5

ip access-list extended ssh-fwd-list

  permit tcp host 192.0.2.5 host 172.16.1.5 eq 22

interface eth 0/1

description WAN to Internet

ip address 172.16.1.5 255.255.255.0

ip access-policy Public

ip policy-class Public

nat destination list ssh-fwd-list address 192.168.10.5 port 22

0 Kudos