Is there a way to allow all inbound traffic to a single IP? (mx-60)

Solved
Brian5
Conversationalist

Is there a way to allow all inbound traffic to a single IP? (mx-60)

I'm new to Meraki and have an MX-60 and was wondering how to allow all inbound traffic to get through, but only to a single IP address. It seems like the way to do this would be to set up a 1:1 NAT rule that allows "any" port, but the public IP I need to use is assigned to the firewall so it will not allow it.

 

Basically, what I need to do is test to make sure no firewall rules are blocking access to a specific IP and I don't want to disable the entire firewall, but instead temporarily disable any blocking to just a single address.

1 Accepted Solution
Bruce
Kind of a big deal

If you are using the IP address that is assigned to the WAN interface then you won’t be able to create a NAT. The best you can achieve is a port forward. You’ll need to ascertain what ports you want to access on your internal server (e.g. tcp/80 for http, tcp/443 for https) and set the port forward appropriately on the MX.

View solution in original post

1 Reply 1
Bruce
Kind of a big deal

If you are using the IP address that is assigned to the WAN interface then you won’t be able to create a NAT. The best you can achieve is a port forward. You’ll need to ascertain what ports you want to access on your internal server (e.g. tcp/80 for http, tcp/443 for https) and set the port forward appropriately on the MX.

Get notified when there are additional replies to this discussion.