USG60 access specific ip address
Freshman Member
All Replies
-
Policy Rules.
0 -
I have two wan ports on my device. It is necessary that the internal ip address of the type 192.168.0. *** (LAN1) be accessible on a specific port only through WAN2 from the external ip address of the type 46. **. **. **
0 -
Go to object > Address > Add address for lan1 192.168.0.X and external ip 46.X.X.X
Go to Security Policy > Policy Control > Add Policy
only allow the the external ip 46.X.X.X to lan 1 192.168.0.X
0 -
This method does not work correctly. I did everything according to your scheme, however, access in this case gets any external IP address, despite the record "source-externalip".
In other words, if I substitute an address in an external field, for example, 85.85.X.X then my desired address 46.X.X.X gets access too. And vice versa ?
0 -
Did you configure 1:1 NAT?
0 -
Yes, I tried both options - VirtualServer and 1:1 NAT, It did not give the necessary Result. Either all the IP got access, or none ?
And I solved this problem like this:
- Wrote a rule nat for port forwarding (All external ip got access to LAN1)
- Wrote 2 rules in Policy Rules. The first rule allows access from wan to lan1 to the external ip I need. The second rule prohibits access to all external ip access from wan to lan1. In that order.
It worked ?
Thanks everyone!
1
Guru Member
Master Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 239 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
