USG60 access specific ip address
All Replies
-
Policy Rules.
0 -
I have two wan ports on my device. It is necessary that the internal ip address of the type 192.168.0. *** (LAN1) be accessible on a specific port only through WAN2 from the external ip address of the type 46. **. **. **
0 -
Go to object > Address > Add address for lan1 192.168.0.X and external ip 46.X.X.X
Go to Security Policy > Policy Control > Add Policy
only allow the the external ip 46.X.X.X to lan 1 192.168.0.X
0 -
This method does not work correctly. I did everything according to your scheme, however, access in this case gets any external IP address, despite the record "source-externalip".
In other words, if I substitute an address in an external field, for example, 85.85.X.X then my desired address 46.X.X.X gets access too. And vice versa ?
0 -
Did you configure 1:1 NAT?
0 -
Yes, I tried both options - VirtualServer and 1:1 NAT, It did not give the necessary Result. Either all the IP got access, or none ?
And I solved this problem like this:
- Wrote a rule nat for port forwarding (All external ip got access to LAN1)
- Wrote 2 rules in Policy Rules. The first rule allows access from wan to lan1 to the external ip I need. The second rule prohibits access to all external ip access from wan to lan1. In that order.
It worked ?
Thanks everyone!
1
Categories
- All Categories
- 395 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 82 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 914 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 415 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight