handyjay
 asked on

Firewall Access Policy Setup for Private IP to Public IP

I am attempting a workaround and not sure if it is the best way, but I am trying to remove an NT4 server from our network, but still allow access to it only from our network.  The reason is I want to raise the security level on our domain controller and once I do, access to NT4 apparently will be lost in our private network... so I was going to use a public IP to access the NT4 server.

I have a public IP address I have routed to the Private NT4 Server IP address.  I can access the server as expected, but so can everyone else.

I want to create an access rule to allow our network of Private IP addresses to access the public IP address of the NT4 server, but block all other users.

Can someone point me in the right direction?
Routers, Hardware Firewalls


8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Yotefn

handyjay

ASKER
I will try to clarify...

I have NT4 server set to Private IP xxx.5 in our network.

I have a public IP routed to the NT4 IP using our Router which I believe uses NAT... since requests in and out of our network appear to come from the same public IP xxx.138

If I set a policy on the router to allow all traffic to access the NT4 public IP, I have no issues accessing the server (good and bad).

I now want to set up a policy that allows access from our Private IPs to the Private IP of the NT4 server, using the public NT4 IP.

The problem I am finding is that all traffic appears to come from the same xxx.138 IP that the router uses.  So, allowing and blocking access affects everyone else.

Maybe I need to set up another interface on another port on the router, instead of using the port interface assigned to xxx.138?