Port Forwarding

Solved
Steve-Potter
Getting noticed

I have a strange config issue here.

Internal web server with a few sites accessible via HTTPS 443 from specific IPs.

 

name       uplink  protocol  public port  LAN IP       local port  allowed remote IPs
webserver  Both    TCP       443          192.168.1.1  443         a list of 20-30 IPs for access & pingdom etc.

 

All works fine, website is IP restricted and operates as it should internally and externally from the remote IPs listed.

 

I now want to add a different port forward for another service. This uses a different port and works fine internally, but not from external, UNLESS the external IP is in the previous port forward's allowed remote IP list.

 

name    uplink  protocol  public port  LAN IP       local port  allowed remote IPs
status  Both    TCP       444          192.168.1.1  444         Any

 

It seems the first entry's allowed remote IPs overrule the subsequent allow list; even when configuring a different local IP, the Any IP doesn't work, but the previous list does...

 

I might be missing something here but logically it should work.

PS: I know I can add multiple 1:1 NATs, but I need to know about this.

 

Thanks

Steve

 

 

1 Accepted Solution
PhilipDAth
Kind of a big deal

That should work.  It sounds like a bug.

3 Replies 3
alemabrahao
Kind of a big deal

 

What service is running on port 444? Is HTTPS not correct?
 
If you have a public IP available, try using 1:1 NAT; you can allow several ports for a single IP.
 

 

 


 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Steve-Potter
Getting noticed

Update:

Strangely again, it started working today, and looking at the dashboard, the order of port forwarding rules has changed with the port 444 placed first....hmm

 

Steve
