How to configure an AR to allow only one public IP address to access intranet servers

To configure an AR to allow only one public IP address to access intranet servers, configure an ACL when you configure a NAT server.
For example, you can perform the following configurations to allow only public address 1.1.1.1 to access the intranet server (public address 2.1.1.1 and private address 10.1.1.22):
Configure an ACL to permit the source IP address 1.1.1.1.
acl number 2005
 rule 5 permit source 1.1.1.1 0 
Configure a NAT server and bind the ACL.
interface GigabitEthernet0/0/3
 nat server protocol tcp global 2.1.1.1 ftp inside 10.1.1.22 ftp acl 2005                                                            

Scroll to top