FW rule on external 1:1 NAT
mmerlone last edited by
I have set two external ip addresses pointing to the same internal host by 1:1 NAT, like this:
WAN -> LAN
18.104.22.168 -> 192.168.0.1
22.214.171.124 -> 192.168.0.1
Connections coming to 126.96.36.199 should be denied from all internet except when coming from some hosts, while 188.8.131.52 should be free to all. Since on the WAN tab of the fw rules I can only set the internal destination address, how can I accomplish this?
Thanks in advance, best regards.
KOM last edited by
From what I have read, 1:1 NAT is a security risk and should only be used in the rare case that you really need access to the full port range on the internal server. Specific port-forwards are generally best. Port-forwards also let you specify the source IP address but I haven't played with that.