Solved

Allow Access Internal IP Some Ports

Posted on 2014-01-02
4
281 Views
Last Modified: 2014-01-03
I have a block of 5 "real" IP addresses that Comcast gave us.  I want to take one of those real IPs and translate it to an internal IP but only allow 4 TCP ports.

So:  Real IP:  77.88.99.111   should go to 192.168.10.5 only allow ports 20, 21, 2009, 23.

NSA- 240

Can someone tell me what I need to do?  (I know replying RTFM would be an idea, but I will not be accepting that as an answer, lol)

Thanks.
0
Comment
Question by:dougp23
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 9

Expert Comment

by:Misbah
ID: 39751603
all this should be done on your firewall system .
no one can give you a detailed answer without knowing what kind of firewall you have.
0
 
LVL 1

Author Comment

by:dougp23
ID: 39751637
Shoot I am sorry!  It's a SonicWall NSA-240.
0
 

Accepted Solution

by:
chris3453 earned 500 total points
ID: 39751844
From the manual page 57

To add the components of a One-to-One NAT policy, perform
the following steps:
1. Navigate to the Network > NAT Policies page. Click Add.
The Add NAT Policy dialog box displays.
2. For Original Source, select Any.
3. For Translated Source, select Original.
4. For Original Destination, select X0 IP.
5. For Translated Destination, select Create new address
object and create a new address object using WAN for
Zone Assignment and Host for Type.
6. For Original Service, select ports 20, 21, 2009, 23
7. For Translated Service, select Original.
8. For Inbound Interface, select LAN
9. For Outbound Interface, select WAN.
10. For Comment, enter a short description.
11. Select the Enable NAT Policy checkbox.
12. Select the Create a reflexive policy checkbox if you want
a matching NAT Policy to be automatically created in the
opposite direction. This will create the outbound as well as
the inbound policies.
13. Click Add.

I am assuming that you are looking to NAT a single internal address to a single external address. If this is not the case then you need to create a one-to-many NAT statement
0
 
LVL 1

Author Closing Comment

by:dougp23
ID: 39755142
Thanks.  It was more involved than that, but this got me going in the right direction!
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Pfsense - and other email Servers 8 60
Firewall report connections 8 102
Factory Reset of Juniper SSG20 2 40
Fortigate 200B - Invalid IP Address Range when trying to create 3 59
I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question