Hi there,
I am currently configuring a c888 series router.
I have a Lan network at 192.168.10.0/24 (Native Vlan 1 by default - ETH0-1-2-3).
An interface TO WAN THROUGH DIALER 1, the default route is via this DIALER 1 interface.
I configured a loopback10 interface:
ip address 10.0.0.1 255.255.255.255 !!! (Not real IP is just for example)
Outgoing nat performed:
ip nat inside source list 10 interface Loopback10 overload
I need to access from the outside to a machine which is on the LAN network, IP of the machine: 192.168.10.3/24.
I did port forwarding:
ip nat inside source static tcp 192.168.10.3 443 10.0.0.1 8083 extendable
I now need to filter incoming traffic so that certain public IPs can access this port forwarding:
I configured a standard Access-list 50
access-list 50 permit 99.20.10.63
access-list 50 permit 85.24.20.54
I added this access-list on the VLAN1 interface:
ip address 192.168.10.1 255.255.255.0
ip access-group 50 out
ip nat inside
ip virtual-reassembly in
no autostate
Port forwarding works and filtering by ip too. The problem is that the machine 192.168.10.3/24 cannot access the internet following this configuration while I can ping: ping 8.8.8.8 source vlan1.
Could you help me ?
Thanks