Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

rv320 - port forwarding from a specific WAN IP

Hi, i just received and configuring the rv320 router. I can successfully set the port forwarding from WAN to specific LAN IP address. I would like to know is it possible for this device to set the port forwarding from a specific WAN IP address? Thank you for the help.

Community Member

I've got exactly the same

I've got exactly the same issue - 16 public addresses that we use to map specific services over to certain servers (on a port by port basis).

This seems a really basic function (my 5 year old Drayteks have been doing it) - the only option seems to be the One to One - but that is Public to Internal with no port restrictions which is not what is required. I have a feeling the RV320 will be going back sad

Community Member

agree, this really quite a

agree, this really quite a basic functionality for this level of VPN router.


hungmaoisthebest, To change



To change the source address, you will need to create an Access Rule under Firewall instead of using Forwarding.


- Marty

Community Member

I have the same problem, and

I have the same problem, and have already tried creating a Access Rule without success. I need to forward Remote Desktop Port 3389 from a specific public IP address to a internal server. I do this with other lower-level Cisco Small Business routers all the time, but cannot get this to work with the RV320. Here's what I've tried:


1) Create new Access Rule

2) Create new Service called TS for TCP port 3389-3389

3) Set new Access Rule to Allow

4) Set Source Interface to Any (I've also tried WAN1, etc.)

5) Set Source IP to the only single public IP that will be allowed

6) Set Destination IP to the single internal IP address

7) Set Scheduling to Always


When I use any standard RDP app from the outside, the router blocks 3389 access.

What am I missing? Can anyone help resolve this, or do I need to call in to Cisco Support?

Community Member

Actually, before i post my

Actually, before i post my problem, i already tried to create an access rule as what andywi928 did. I found that the created access rule cannot do the results of port forwarding.

I have also tried to set the port forwarding accompanying with the firewall access rule, I found that the priority of port forwarding is just over the firewall access rule in which the source IP does not specified to only a single IP address.

Any cisco expert can point me to a correct direction in configuring this?

Community Member

If you want to port forward

If you want to port forward to a Public IP besides the WAN address of the firewall, you have to do three things.

1.  You need to set up a 1-to-1 NAT range for the additional Public IP's.  You do this on the One-to-One NAT page in the Setup section of the RV320.  You will need the starting Private IP Range, the Starting Public IP Range, and the Range Length.

2.  You need to give the computer that is destined to receive the port forwarding traffic an internal LAN IP that is within the Private IP range listed in #1.

3.  You will need to create a firewall rule with a Source Interface of the appropriate WAN, a source of Any, with the appropriate service, and with a destination of the internal IP address that corresponds with the LAN IP you are using in #2.



Community Member



I have the same problem.

If I set a One-to-one nat, firewall is bypassed and the internal IP is linked to the external one without filters.

Did you find the way?

Thank you.

Community Member

After spending a few hours on

After spending a few hours on this problem i solved it.

I needed to use address translation, but i probably works in port forward as well.

I needed to forward port 9200 and 9300 to two different printers.

And the printers receive on port 9100.

So open port 9200 -> 9100 and only allow X.X.X.X

And Open port 9300 -> 9100 and only allow X.X.X.X

So i opened the port in address translation and that opened the port for any ip.

Service: IPP 9200~9100, IP:, Enable

Service: IPP 9300~9100, IP:, Enable

Then i added 2 access rules.

Priority 1, Allow, Service 9100, WAN1, Source: X.X.X.X, Destination: My printers, Time: Always

Priority 2, Deny, Service 9100, WAN1, Source: any, Destination: My printers, Time: Always

The thing i got stuck on was i opened the port 9200 and 9300 when i should have opened the "already translated port number"

So.. Well played cisco! you almoast got me!

CreatePlease to create content