Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Port Forwarding

SardarAlam
Getting noticed
‎Oct 29 2023 10:56 PM
‎Oct 29 2023 10:56 PM

Port Forwarding

Dear All,

 

i am facing issue related port forwarding. i have forwarded some port for internal resource access, All other port showing open when i check with port checker, But the only port 80 is still showing closed. i also open that port on LAN side from Windows firewall.

 

How to resolved this? your response and help will appreciated.

 

Thank you

0 Kudos
Subscribe
14 Replies 14
alemabrahao
Kind of a big deal
Kind of a big deal
‎Oct 30 2023 3:11 AM
‎Oct 30 2023 3:11 AM

If I remember correctly, the MX local status page uses both port 80 and 443.
 
So make sure that the Web (local status & configuration) is not set to None.
 
By the way, I strongly recommend not using an insecure port for a web server.

 

 

alemabrahao_0-1698660543241.png

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to alemabrahao
SardarAlam
Getting noticed
‎Oct 30 2023 8:48 AM
‎Oct 30 2023 8:48 AM

Same is configured already but still unable to ping my domain which is link with private IP like 192.168.X.X.

When connect vpn then this domain is ping able but without VPN is not

 

0 Kudos
Subscribe
In response to SardarAlam
alemabrahao
Kind of a big deal
Kind of a big deal
‎Oct 30 2023 8:51 AM
‎Oct 30 2023 8:51 AM

192.168.x.x is a private IP, you will not be able to ping it externally.
 
I believe you know this, right?
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to alemabrahao
SardarAlam
Getting noticed
‎Oct 30 2023 8:56 AM
‎Oct 30 2023 8:56 AM

Yes but now i have confusion so want to confirm that with port forwarding can i make the domain ping able with private ip. till now i was clear about private IP is inaccessible with VPN. but after research got confused. want to clear about it again.

0 Kudos
Subscribe
In response to SardarAlam
alemabrahao
Kind of a big deal
Kind of a big deal
‎Oct 30 2023 9:00 AM
‎Oct 30 2023 9:00 AM

https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX#...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to SardarAlam
alemabrahao
Kind of a big deal
Kind of a big deal
‎Oct 30 2023 8:57 AM
‎Oct 30 2023 8:57 AM

My friend, trying to access via private IP won't work, you need to access via public IP provided by your ISP.

 

Difference Between Public and Private IP Address

The crucial difference between a public and private IP address is that the public IP can be seen by other devices on the Internet, while the private IP cannot. Therefore, public IPs are used to interact and communicate online, while private IPs operate within a local network.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to alemabrahao
SardarAlam
Getting noticed
‎Oct 30 2023 9:02 AM
‎Oct 30 2023 9:02 AM

can you suggest what to do now? should i request for another Public IP and assign that to my Server or just add this public IP in DNS (link with my domain) and add these entry in DNS A records?

0 Kudos
Subscribe
In response to SardarAlam
alemabrahao
Kind of a big deal
Kind of a big deal
‎Oct 30 2023 9:08 AM
‎Oct 30 2023 9:08 AM

Is your PPPOE link not configured directly on the MX's WAN interface?
 
Can you access the server using the public IP of your internet link and the port you configured in port forwarding?
 
First of all, I need to understand how your WAN interface is configured.
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to alemabrahao
SardarAlam
Getting noticed
‎Oct 30 2023 9:33 AM
‎Oct 30 2023 9:33 AM

Is your PPPOE link not configured directly on the MX's WAN interface?

PPPOE link configure my Public IP and WAN IP (internet 1) is same.

Can you access the server using the public IP of your internet link and the port you configured in port forwarding?

I cant access the Server without VPN. i have configured port but its showing closed when check on port checker site.in port
forwarding i set TCP port and the private IP which is assign to my server like 192.168.X.X

 

SardarAlam_0-1698683516990.png

In this Snap IP add and Public IP is same but DNS IPs are different.

0 Kudos
Subscribe
In response to alemabrahao
SardarAlam
Getting noticed
‎Oct 30 2023 9:37 AM
‎Oct 30 2023 9:37 AM

And one other thing is i can't configure NAT as we have only one Public IP.when trying NAT it gives error that X.X.X is the primary IP of MS WAN interface. for that i need another Public IP which is currently not available and i am trying with current Scenario.

0 Kudos
Subscribe
Gary_Geihsler1
Meraki Employee
Meraki Employee
‎Oct 30 2023 8:15 AM
‎Oct 30 2023 8:15 AM

Is this question specific to Cisco+ Secure Connect? Reason I ask is Secure Connect eliminates most of the need to do port forwarding with a mor secure way to access resources behind a MX. 

0 Kudos
Subscribe
In response to Gary_Geihsler1
SardarAlam
Getting noticed
‎Oct 30 2023 8:52 AM
‎Oct 30 2023 8:52 AM

I have MX64 then Server is switch and server is connected to switch. and the ISP connection as PPPoE we can't access ISP ONT device the Public IP is directly assign to MX WAN port. So i believe there is no need to configure same on ISP device.

0 Kudos
Subscribe
In response to SardarAlam
Gary_Geihsler1
Meraki Employee
Meraki Employee
‎Oct 30 2023 9:26 AM
‎Oct 30 2023 9:26 AM

If you are trying to access a private application over a VPN solution you need either Secure Client VPN terminating on the MX or Cisco+ Secure Connect which has remote access as a service. Once connected to the VPN you would be able to access the private resource (192.168.x.x as an example). 

0 Kudos
Subscribe
In response to Gary_Geihsler1
SardarAlam
Getting noticed
‎Oct 30 2023 9:45 AM
‎Oct 30 2023 9:45 AM

This is already configured and work for now we need to access our domain from external network not internal.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.