Inbound opening (Internet to LAN)

nikmagashi
Getting noticed

Inbound opening (Internet to LAN)

Hi,

 

I have set up a server on the LAN (different VLAN) and with a public IP adress for the external users to able to reach it! Since I am new to Meraki MX I thought creating a 1:1 Nat for this purpose and allow the port for SSH into the server. 

 

nikmagashi_0-1589548422092.png

 

Is it right to set up on this way? Do I need to do something else to achieve this?

 

Thanks in advance!

 

3 Replies 3
_edge_
Conversationalist

Yap that is the way.. just be sure that your ISP routed public IP to Internet1 (WAN1) interface. YOu can do it also with 1:many NAT if you want on same IP to configure access to different servers (and different ports).

 

Thanks for the reply!
CN
Meraki Alumni (Retired)
Meraki Alumni (Retired)

If you don't have a dedicated public IP to use for the server, then an alternative would be to set up a port forwarding rule. That will do the same thing but will just use the IP address on the internet uplink. As SSH is a pretty common port to scan for, I would recommend that you lock it down so it can't be reached from anywhere except for the IP addresses of your users. 

Get notified when there are additional replies to this discussion.