Netgate Discussion Forum

    1:1 NAT but limit inbound only from a list of IP addresses

      newbieuser1234

      I have 1:1 NAT working with 192.168.10.1 as my internal NATed address. I want to restrict only certain IP external ranges to be able to send me traffic to the NATed device. My firewall rule for WAN is IPv4 * * 192.168.10.1 * * none. Everything works fine, but when I change the rule to include a source address of one of the external IPs I want to restrict, I see blocks in the firewall not allowing the traffic. Doesn't make any sense to me. I have Proxy ARP chosen for my VIP option for the external IP. Do I need to create an alias with a list of all the IPs I want to allow and make that the source in the WAN firewall rule? I refreshed my states, etc. when I changed the working rule. I am on 2.1.4. Couldn't get 2.2 to NAT at all. Any help is appreciated. There are lots of tutorials on NAT, but I couldn't find any that deal with only accepting NATed traffic from specific IP ranges. I have five external statics at this location.
