public ip > local ip Help me!

sgtourism176 · October 4, 2022, 7:42am

I have a situation that I need to figure out quickly.

I have a public IP on int WAN=65.123.x.x
I have a local IP on int LAN=10.59.1.64

I need to set up something that will allow an outside IP to tunnel thru my network to the LAN ip while retaining all my other connections…

I am affraid of creating a src + dst rule in fear that I might route all traffic to that box and bring my network down.

Can you guys give me a solution!? I need step by step on this, this is my first time ever dealing with this!!

Thanks!

::More Specs on Setup::

This is what I need to see happen…

Remote office (24.29.x.x)

T1 (65.123.x.x)

MT (10.59.1.1)

AP (10.59.1.9)

CPE (10.59.1.25)

PIX501 (10.59.1.64)

How is this done? Thanks
Saigontourism

Sob · October 5, 2022, 12:15am

Try different words and more details, so far it doesn’t seem exactly clear. If you want to simply access some ports on 10.59.1.64 from 24.29.x.x (and only from there), dstnat should be enough, e.g.:

/ip firewall nat
add chain=dstnat dst-address=65.123.x.x protocol=<tcp/udp> dst-port=<number(s)> src-address=24.29.x.x action=dst-nat to-addresses=10.59.1.64