Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Filtering NAT

I need to open up the ports for PCAnywhere and use Static NAT to let those in, but I only want to permit a certain ip subnet from accessing those open ports. Any way to block access to those ports to anyone but the specified subnet?

Thanks,

Mike

2 REPLIES
Cisco Employee

Re: Filtering NAT

You can use extended access-list to deny/permit specific ports being accessed. Even when you have a static NAT, but if the ACL denies the source IP, it will drop the packet. Your solution is configuring extended ACL and apply to the interface where the packets are arriving (inbound).

HTH

R/Yusuf

New Member

Re: Filtering NAT

Can I do this without screwing up the current working config on that interface?

88
Views
0
Helpful
2
Replies