cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Restricting port forwarding to a single external IP address

bradummer
Beginner
Beginner

I have what I think should be a pretty simple question. I think I'm just not understanding how port forwarding works together with access rules.

We have a computer (10.4.20.60) on our LAN that's running a web server (port 80), and I'd like to make it available to a single IP address (let's say 123.123.123.123) outside the LAN. I can set up Forwarding to forward port 80 to 10.4.20.60 and that works fine, but it's open to any outside IP address. So I then created a Firewall > Access Rule to restrict port 80 access to only the external IP address. However as soon as I do that, all access to port 80 is blocked. The access rule I set up was:

Priority: 1

Policy Name: HTTP

Enabled: X

Action: Allow

Service: HTTP[80]

Source Interface: WAN1

Source: 123.123.123.123 ~ 123.123.123.123 (I'm actually using the correct IP)

Destination: 10.4.20.60

Time: Always

As I said, as soon as I added and enabled this access rule, everything to 80 is blocked. As a test, I modified the rule above to be open to all sources and destinations:

Priority: 1

Policy Name: HTTP

Enabled: X

Action: Allow

Service: HTTP[80]

Source Interface: WAN1

Source: Any

Destination: Any

Time: Always

Even with these settings access to port 80 is blocked from all outside IP addresses. Below is a screenshot of my current Access Rules page. What am I doing wrong?

6 REPLIES 6

charlessimpson
Beginner
Beginner

Please let me know if you resolve this because i'm trying to restrict port 443 to only 1 external ip address. Thanks. 

Te-Kai Liu
Rising star
Rising star

Which router and firmware do you find the issue?

Sorry I didn't specify that initially. I'm using a RV042 running 1.3.12.19-tm.

You might find this thread helpful.

https://supportforums.cisco.com/message/3100511#3100511