Solved

Allow Access Internal IP Some Ports

Posted on 2014-01-02
4
285 Views
Last Modified: 2014-01-03
I have a block of 5 "real" IP addresses that Comcast gave us.  I want to take one of those real IPs and translate it to an internal IP but only allow 4 TCP ports.

So:  Real IP:  77.88.99.111   should go to 192.168.10.5 only allow ports 20, 21, 2009, 23.

NSA- 240

Can someone tell me what I need to do?  (I know replying RTFM would be an idea, but I will not be accepting that as an answer, lol)

Thanks.
0
Comment
Question by:dougp23
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 9

Expert Comment

by:Misbah
ID: 39751603
all this should be done on your firewall system .
no one can give you a detailed answer without knowing what kind of firewall you have.
0
 
LVL 1

Author Comment

by:dougp23
ID: 39751637
Shoot I am sorry!  It's a SonicWall NSA-240.
0
 

Accepted Solution

by:
chris3453 earned 500 total points
ID: 39751844
From the manual page 57

To add the components of a One-to-One NAT policy, perform
the following steps:
1. Navigate to the Network > NAT Policies page. Click Add.
The Add NAT Policy dialog box displays.
2. For Original Source, select Any.
3. For Translated Source, select Original.
4. For Original Destination, select X0 IP.
5. For Translated Destination, select Create new address
object and create a new address object using WAN for
Zone Assignment and Host for Type.
6. For Original Service, select ports 20, 21, 2009, 23
7. For Translated Service, select Original.
8. For Inbound Interface, select LAN
9. For Outbound Interface, select WAN.
10. For Comment, enter a short description.
11. Select the Enable NAT Policy checkbox.
12. Select the Create a reflexive policy checkbox if you want
a matching NAT Policy to be automatically created in the
opposite direction. This will create the outbound as well as
the inbound policies.
13. Click Add.

I am assuming that you are looking to NAT a single internal address to a single external address. If this is not the case then you need to create a one-to-many NAT statement
0
 
LVL 1

Author Closing Comment

by:dougp23
ID: 39755142
Thanks.  It was more involved than that, but this got me going in the right direction!
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question