Creating incoming access on the same port to two internal addresses

janp1
Comes here often

Creating incoming access on the same port to two internal addresses

Hi Community,

 

 

My problem is that I need to allow incoming traffic on TCP port 8180 to two internal addresses. When I configure port forwarding to one address, no problem. When I create a forwarding rule to the second IP on the same port, I get an error of an overlap. 

 

How will I be able to allow this?

 

Thanx

 

6 REPLIES 6
RaphaelL
Kind of a big deal
Kind of a big deal

Do you own more than 1 public IP ?


If so , this can be achieve with NATing . Here are some great examples : https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX

janp1
Comes here often

Unfortunately , only 1 public IP.

 

RaphaelL
Kind of a big deal
Kind of a big deal

Are the servers on 8180 running the same application ? A.k.a your goal is to load balance your trafic to both server ?

 

1.1.1.1:8180 -->  192.168.1.10:8180  or 192.168.1.20:8180  

janp1
Comes here often

Hi RaphaelL,

 

No , not for load-balancing. Different roles/applications. One device is a decoder, and the other a recorder. Both need to have incoming traffic on the same port.

 

Brash
Kind of a big deal
Kind of a big deal

There's really no way you can forward the same port to 2 different destinations, as there's no identifier to know where to send the traffic. If inbound traffic is supposed to be split between the 2 destinations (eg. on a round robin basis), you'll need to put a load balancer in front to redirect traffic accordingly. 
Otherwise, if they are separate applications that just happen to have an overlap, you'll need to move one of the applications to a different port.

KarstenI
Kind of a big deal
Kind of a big deal

As already mentioned, you need to use two different ports. But I would also think about the implementation if you really should host your application onsite in this case with only one public IP. Putting both application on the systems of a public ISP or the cloud could be a better approach.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels