Port Forwarding

SardarAlam
Getting noticed

Port Forwarding

Dear All,

 

i am facing issue related port forwarding. i have forwarded some port for internal resource access, All other port showing open when i check with port checker, But the only port 80 is still showing closed. i also open that port on LAN side from Windows firewall.

 

How to resolved this? your response and help will appreciated.

 

Thank you

14 Replies 14
alemabrahao
Kind of a big deal
Kind of a big deal

If I remember correctly, the MX local status page uses both port 80 and 443.
 
So make sure that the Web (local status & configuration) is not set to None.
 
By the way, I strongly recommend not using an insecure port for a web server.

 

 

alemabrahao_0-1698660543241.png

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
SardarAlam
Getting noticed

Same is configured already but still unable to ping my domain which is link with private IP like 192.168.X.X.

When connect vpn then this domain is ping able but without VPN is not

 

alemabrahao
Kind of a big deal
Kind of a big deal

192.168.x.x is a private IP, you will not be able to ping it externally.
 
I believe you know this, right?
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
SardarAlam
Getting noticed

Yes but now i have confusion so want to confirm that with port forwarding can i make the domain ping able with private ip. till now i was clear about private IP is inaccessible with VPN. but after research got confused. want to clear about it again.

alemabrahao
Kind of a big deal
Kind of a big deal

https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX#...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
alemabrahao
Kind of a big deal
Kind of a big deal

My friend, trying to access via private IP won't work, you need to access via public IP provided by your ISP.

 

Difference Between Public and Private IP Address

The crucial difference between a public and private IP address is that the public IP can be seen by other devices on the Internet, while the private IP cannot. Therefore, public IPs are used to interact and communicate online, while private IPs operate within a local network.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
SardarAlam
Getting noticed

can you suggest what to do now? should i request for another Public IP and assign that to my Server or just add this public IP in DNS (link with my domain) and add these entry in DNS A records?

alemabrahao
Kind of a big deal
Kind of a big deal

Is your PPPOE link not configured directly on the MX's WAN interface?
 
Can you access the server using the public IP of your internet link and the port you configured in port forwarding?
 
First of all, I need to understand how your WAN interface is configured.
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
SardarAlam
Getting noticed

Is your PPPOE link not configured directly on the MX's WAN interface?

PPPOE link configure my Public IP and WAN IP (internet 1) is same.

Can you access the server using the public IP of your internet link and the port you configured in port forwarding?

I cant access the Server without VPN. i have configured port but its showing closed when check on port checker site.in port
forwarding i set TCP port and the private IP which is assign to my server like 192.168.X.X

 

SardarAlam_0-1698683516990.png

In this Snap IP add and Public IP is same but DNS IPs are different.

SardarAlam
Getting noticed

And one other thing is i can't configure NAT as we have only one Public IP.when trying NAT it gives error that X.X.X is the primary IP of MS WAN interface. for that i need another Public IP which is currently not available and i am trying with current Scenario.

Gary_Geihsler1
Meraki Alumni (Retired)
Meraki Alumni (Retired)

Is this question specific to Cisco+ Secure Connect? Reason I ask is Secure Connect eliminates most of the need to do port forwarding with a mor secure way to access resources behind a MX. 

SardarAlam
Getting noticed

I have MX64 then Server is switch and server is connected to switch. and the ISP connection as PPPoE we can't access ISP ONT device the Public IP is directly assign to MX WAN port. So i believe there is no need to configure same on ISP device.

Gary_Geihsler1
Meraki Alumni (Retired)
Meraki Alumni (Retired)

If you are trying to access a private application over a VPN solution you need either Secure Client VPN terminating on the MX or Cisco+ Secure Connect which has remote access as a service. Once connected to the VPN you would be able to access the private resource (192.168.x.x as an example). 

SardarAlam
Getting noticed

This is already configured and work for now we need to access our domain from external network not internal.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.