Port forwarding documentation error?

BWMerlin
Conversationalist

Port forwarding documentation error?

In the document about port forwarding (https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX#...) it states that "When mapping a range of public ports to a range of local ports, the ranges must be the same length. (ie, 8000-8500 public must be mapped to 8000-8500 local)" but in the diagram provided PC B that has a destination of 10.5.0.1 TCP port 8080 ends up going to Web Server B on port 80. Should this not be going to Web Server B on port 8080 instead?

3 REPLIES 3
kYutobi
Kind of a big deal

'Port 80’ is a well-known port for ‘HTTP’ service. Here, ‘port 8080’ is registered as an alternative port for ‘HTTP’ service.

Enthusiast
BrechtSchamp
Kind of a big deal


@BWMerlin wrote:

In the document about port forwarding (https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX#...) it states that "When mapping a range of public ports to a range of local ports, the ranges must be the same length. (ie, 8000-8500 public must be mapped to 8000-8500 local)" but in the diagram provided PC B that has a destination of 10.5.0.1 TCP port 8080 ends up going to Web Server B on port 80. Should this not be going to Web Server B on port 8080 instead?


Not if you set it up with the public port of 80 (range of 1 IP) and the local port of 8080 (range of 1 IP too). As @kYutobi 8080 is often used as an alternative to port 80 if there are multiple webservers running on a system.

jdsilva
Kind of a big deal

I don't see an error either. The port lists have to be the same length (i.e. the range has to be the same amount of ports) but they do not have to be the same ports. 8080 to 80 is two lists of one port. Since both list are one port they are the same length.

 

The example has 8000-8500 to 8000-8500, which it two lists of 501 ports. 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels