Cisco 877 - allow only one external static ip to connect to my server ?

Unanswered Question
Jan 5th, 2010
User Badges:


  Can anyone tell how how to setup up the Cisco 877 to allow only one external ip to access my server ?

  Consider this:

  My Server PC connects to the internet through the Cisco 877 and it has an internal ip and also an SQL Server

  My other PC on a different location has a static IP (it's an example)

  What i want is only to allow ONLY my other PC with the IP to access my Server and only the SQL Server port.

  IOW, if  anyone tries to access my server without having the IP block the access.

Thank you in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)

I will assume the 123.123.x.x is an internet address? If so they yes you can setup PAT for the SQL server to the Internet on a unique port and ACL it so only the internet IP (123.123.x.x) is allowed to hit that external address on that port.

Here`s a rough example:

ip nat inside source static tcp 1433 1433

access-list 150 permit tcp host host eq 1433

access-list 150 deny ip any any

Good luck

pangio1453 Thu, 01/07/2010 - 15:47
User Badges:

Dear Bob,

  What is the "" ?

  Also can i do this through SDM or i need to do it through console ?

Thank you very much

That IP is just an example of the Internet facing public IP assigned to your internal server. If you only have one outside IP use PAT. I didn't know you had SDM yes you can do it thorugh there. Just remember you need a publically accessible IP address on the internet that is NAT'd to your host; then you apply the ACL on the outside inteface to only allow your PC to access that public IP on the port specified.




This Discussion