I'm migrating a client from an ASA to an MX. I'm trying to figure out the lack of inbound rules in Meraki to add my ACLs.
Example of my current ACLs:
access-list outside_access_in extended permit tcp 22.x.x.x 192.168.x.100 object List_of_ports
access-list outside_access_in extended permit tcp 22.x.x.x 192.168.x.101 object List_of_ports
access-list outside_access_in extended permit tcp 22.x.x.x 192.168.x.102 object List_of_ports
Basically, I want one outside address to be able to get to a few internal addresses using the list of ports. Sounds like NAT or port forwarding. However, that one outside IP needs to get to 3 devices internally. When I've tried to add NAT or port forwarding, I can only use that outside address one time. I can't have a separate rule for each internal IP that they need access to, as it gives me an error that the remote IP cannot be in there twice.
I feel like I just need one person to get me thinking the correct Meraki way and I'll be golden.....
Thanks for the quick reply, that may work, I'll try. But I know with one-to-many NAT that I can only specify one port at a time and I have a list of 40+ ports in the object.
Lol, clicking away. Thanks for the help!
One-to-many doesn't work. If I try one 1:many then I can't duplicate ports for all three internal IPs, but if I try multiple 1:many (one per internal IP) then it doesn't allow me to duplicate outside IPs on multiple NATs.
Not diggin Meraki right now...........
I figured it out. In the ASA I had 1:1 NAT statements to each internal device, so I added those 1:1 NATs and then put the forwarding rule for the ports underneath each 1:1.
Just tested this in my lab. I can use the same local port, if the public port is unique.
I got an error with using multiple outside IPs when I tried port forwarding, then when I tried 1:many I got an error when I tried to duplicate ports or the outside IP. So I went with 1:1 NAT and added my forwarding rules under each 1:1.