Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
929
Views
15
Helpful
5
Replies

RV320 Port forwarding issue

rodrigocatarino
Level 1
Level 1

‎10-13-2018 04:17 PM - edited ‎02-21-2020 08:21 AM

Hi all,

 

I've configured my RV320 to forward port 21 to my FTP server.

I am able to connect to FTP from inside my network, although from the internet I am not able to connect to FTP.

 

 PortFW.PNG

 

I've also created a firewall rule to allow from any source to the internal IP and still am not able to connect via FTP to my server.

 

FirewallRule.PNG

 

Do you guys have any clue why is this happening?

 

Kind regards,

Rodrigo

Labels:
0 Helpful
5 Replies 5

Alex Pfeil
Level 7
Level 7

‎10-13-2018 05:08 PM

To connect to a firewall on the outside, you would have to have NAT setup. You would have an outside IP address and the inside FTP server associated to the outside IP address. You then need to have an outside firewall rule allowing the internet, or specific outside IP addresses, to the inside IP address.

Please rate helpful posts.

Spawn
Level 1
Level 1

‎10-14-2018 12:03 AM

i think you have missed the NAT part.

balaji.bandi
Hall of Fame
Hall of Fame

‎10-14-2018 02:11 AM

Can you give more information.

 

1. Do you have public Fixed IP address from provider ? or from DHCP ? - if DHCP the IP dynamically changes, so you always need to keep track of that IP for incoming FTP.

2. configuration limited access to an internal ftp server that need to configure  One-to-one NAT with the ACL's to allow only the ALLOWED public address to connect.

 

you can do as below for testing:

 

Firewall>Access Control, create a rule, with priority 1, source interface WAN, PERMIT SOURCE XX.XX.XX.XX  TO DESTINATION YY.YY.YY.YY (Private IP address).

 

below guide to help to understand.

 

https://sbkb.cisco.com/CiscoSB/GetArticle.aspx?docid=f6916a7709cb43d38d74bd6ef3e8d0a2_Configure_One_toOne_Network_Address_Translation__NAT__on_RV3.xml

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

rodrigocatarino
Level 1
Level 1
In response to balaji.bandi

‎10-14-2018 04:42 AM - edited ‎10-14-2018 04:47 AM

Hi,

Thanks guys for the quick reply!

I am using a dynamic DNS service to be able to reach my devices if the public IP changes...

As for the NAT, why cant i add my public IP addess? And for the range is it the subnet lenght?

NAT.PNG

 

0 Helpful

Spawn
Level 1
Level 1
In response to rodrigocatarino

‎10-15-2018 12:42 AM - edited ‎10-15-2018 12:43 AM

may be bit different for dynamic ip address on the wan side, you cannot map it to one ip address with one to one nat, as it will keep changing on reconnect.

check the documentation, wish i had that router to play around. Check - Assigning Dynamic DNS to a WAN Interface


https://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/rv320/administration/guide/en/rv32x_ag_en.pdf

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card