rv320 - port forwarding from a specific WAN IP

Unanswered Question
May 28th, 2014
User Badges:

Hi, i just received and configuring the rv320 router. I can successfully set the port forwarding from WAN to specific LAN IP address. I would like to know is it possible for this device to set the port forwarding from a specific WAN IP address? Thank you for the help.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
KelvinKN3 Thu, 05/29/2014 - 08:34
User Badges:

I've got exactly the same issue - 16 public addresses that we use to map specific services over to certain servers (on a port by port basis).

This seems a really basic function (my 5 year old Drayteks have been doing it) - the only option seems to be the One to One - but that is Public to Internal with no port restrictions which is not what is required. I have a feeling the RV320 will be going back sad

hungmaoisthebest Thu, 05/29/2014 - 19:46
User Badges:

agree, this really quite a basic functionality for this level of VPN router.

mpyhala Fri, 05/30/2014 - 10:20
User Badges:
  • Gold, 750 points or more

hungmaoisthebest,

 

To change the source address, you will need to create an Access Rule under Firewall instead of using Forwarding.

 

- Marty

Andy Williams Tue, 06/17/2014 - 13:37
User Badges:

I have the same problem, and have already tried creating a Access Rule without success. I need to forward Remote Desktop Port 3389 from a specific public IP address to a internal server. I do this with other lower-level Cisco Small Business routers all the time, but cannot get this to work with the RV320. Here's what I've tried:

 

1) Create new Access Rule

2) Create new Service called TS for TCP port 3389-3389

3) Set new Access Rule to Allow

4) Set Source Interface to Any (I've also tried WAN1, etc.)

5) Set Source IP to the only single public IP that will be allowed

6) Set Destination IP to the single internal IP address

7) Set Scheduling to Always

 

When I use any standard RDP app from the outside, the router blocks 3389 access.

What am I missing? Can anyone help resolve this, or do I need to call in to Cisco Support?

hungmaoisthebest Tue, 06/17/2014 - 22:58
User Badges:

Actually, before i post my problem, i already tried to create an access rule as what andywi928 did. I found that the created access rule cannot do the results of port forwarding.

I have also tried to set the port forwarding accompanying with the firewall access rule, I found that the priority of port forwarding is just over the firewall access rule in which the source IP does not specified to only a single IP address.

Any cisco expert can point me to a correct direction in configuring this?

vreid47362 Sat, 06/21/2014 - 17:13
User Badges:

If you want to port forward to a Public IP besides the WAN address of the firewall, you have to do three things.

1.  You need to set up a 1-to-1 NAT range for the additional Public IP's.  You do this on the One-to-One NAT page in the Setup section of the RV320.  You will need the starting Private IP Range, the Starting Public IP Range, and the Range Length.

2.  You need to give the computer that is destined to receive the port forwarding traffic an internal LAN IP that is within the Private IP range listed in #1.

3.  You will need to create a firewall rule with a Source Interface of the appropriate WAN, a source of Any, with the appropriate service, and with a destination of the internal IP address that corresponds with the LAN IP you are using in #2.

 

 

Elia Gargini Wed, 02/03/2016 - 00:20
User Badges:

Hello,

I have the same problem.

If I set a One-to-one nat, firewall is bypassed and the internal IP is linked to the external one without filters.

Did you find the way?

Thank you.

Delegate1 Fri, 11/11/2016 - 02:28
User Badges:

After spending a few hours on this problem i solved it.

I needed to use address translation, but i probably works in port forward as well.


I needed to forward port 9200 and 9300 to two different printers.

And the printers receive on port 9100.

So open port 9200 -> 9100 and only allow X.X.X.X

And Open port 9300 -> 9100 and only allow X.X.X.X


So i opened the port in address translation and that opened the port for any ip.

Service: IPP 9200~9100, IP: 192.168.0.50, Enable

Service: IPP 9300~9100, IP: 192.168.0.51, Enable


Then i added 2 access rules.

Priority 1, Allow, Service 9100, WAN1, Source: X.X.X.X, Destination: My printers, Time: Always

Priority 2, Deny, Service 9100, WAN1, Source: any, Destination: My printers, Time: Always


The thing i got stuck on was i opened the port 9200 and 9300 when i should have opened the "already translated port number"


So.. Well played cisco! you almoast got me!

Actions

This Discussion