SRP 500 Series Gain Access from one IP address with NAT

Ronald RiemVis · ‎11-16-2012

Hello All,

Normaly all incoming IP addresses can use NAT to gain access.

I would like to make a rule that only one IP address can connect to my router and use that port or range of ports defined.

Is there a way to configure a SRP 527W on such a way?

If not possible now, can I expect a software update ?

Greetings,

Ronald

jurodri3 · ‎11-20-2012

Hello Mr. RiemVis,

On this case if I would recommend you to use DNAT. And create and access rule in order to send all the packets coming from the outside to be route to the local DNAT server target. The DNAT target is used to do Destination Network Address Translation, which means that it is used to rewrite the Destination IP address of a packet. If a packet is matched, and this is the target of the rule, the packet, and all subsequent packets in the same stream will be translated, and then routed on to the correct device, host or network.

I hope you find this answer useful, if it was satisfactory for you, please mark the question as Answered.

Diego Rodriguez

Cisco network engineer

Thank you

Ronald RiemVis · ‎11-20-2012

Hello Mr.Juan Rodrigues,

I searched inside the SRP527W router but can't find anything what is called DNAT.

Could you give me more information how to accomplish ?

Thanks

Greetings

Ronald

Andrew Hickman · ‎11-22-2012

Hi Ronald,

The features you need to use are:

1: NAT > Port Forwarding (DNAT as referred to above): This enables forwarding across NAT for all remote users.

2: Firewall > Advanced Firewall Settings (Access Control Lists): Add rules to

a) Specifically allow access from your preferred remote address,

b) deny access from all other addresses.

Hope that helps,

Andy