Configuring intranet users to access a public address on the USG6000

0

Configuring intranet users to access a public address on the USG6000 as follows:
Search for Example for Configuring NAPT for Intranet Users to Access the Internet in USG6000 Product Documentation.

Other related questions:
Configuring intranet users to access a public address on the USG2000/5000
Configuring intranet users to access a public address on the USG2000/5000 as follows: Search for Example for Configuring Address Pool-based NAPT and NAT Server in USG2000/5000 Product Documentation.

nabling intranet users to access the intranet server on the same subnet of the same security zone through a public IP address
Configure a source NAT policy with the source and destination security zones being the security zone where the users and intranet servers reside to translate source IP addresses of intranet users into a public address. Then configure a server static mapping policy to translate the destination addresses of packets destined for the public address of the servers into private addresses.

How to configure an AR to allow only one public IP address to access intranet servers
To configure an AR to allow only one public IP address to access intranet servers, configure an ACL when you configure a NAT server.
For example, you can perform the following configurations to allow only public address 1.1.1.1 to access the intranet server (public address 2.1.1.1 and private address 10.1.1.22):
Configure an ACL to permit the source IP address 1.1.1.1.
acl number 2005
 rule 5 permit source 1.1.1.1 0 
Configure a NAT server and bind the ACL.
interface GigabitEthernet0/0/3
 nat server protocol tcp global 2.1.1.1 ftp inside 10.1.1.22 ftp acl 2005                                                            

Whether the NAT address group configured for the USG6000 affects the access to the public network
After the NAT address group is configured, it does not affect the access to the public network when it is not called.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top