I am using a NetVanta 3448 on firmware R12.3.3.E.
Is there any way to allow a group of IPs through Port Forwards that are translated to user-specified ports?
I know you can go through and add every allowed IP individually to the specific ACL, such as:

ip access-list extended web-acl-8
remark http to switch
permit tcp xx.xxx.xxx.55 0.0.0.31 any eq 999 log
permit tcp xx.xxx.xx.44 0.0.0.15 any eq 999 log
permit tcp xx.x.xxx.33 0.0.0.3 any eq 999 log
permit tcp xx.x.xxx.222 0.0.0.3 any eq 999 log

Then add a nat destination rule to the Public policy class:

ip policy-class Public
nat destination list web-acl-8 address 10.10.10.3 port 80

But is there any way to create an ACL with allowed IPs, then add this list to a Port Forward ACL that can be added to the Public policy class? For example:

ip access-list extended ALLOWED
permit ip xx.xxx.xxx.55 0.0.0.31 any
permit ip xx.xxx.xx.44 0.0.0.15 any
permit ip xx.x.xxx.33 0.0.0.3 any
permit ip xxx.xxx.x.222 0.0.0.3 any

ip access-list extended web-acl-8
remark http to switch
permit tcp list ALLOWED any eq 999 log

ip policy-class Public
nat destination list web-acl-8 address 10.10.10.3 port 80

^^^Just an example. Not a possible config.

I would like to do this so that I don't have to manually add the same IPs over and over to different Port Forwards.
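
The following is an added example, not part of the original post: one way to avoid retyping the same sources is to keep the allowed networks in a single list off the router and generate each port forward's ACL from it, using only the statement forms shown in the question. The sample networks (documentation ranges), the second forward `web-acl-9`, and the `MIN_PREFIX` guard are assumptions for illustration.

```python
import ipaddress

# Constructed sample data: documentation ranges stand in for the redacted addresses.
ALLOWED = ["192.0.2.55/27", "198.51.100.44/28", "203.0.113.33/30", "203.0.113.33/30"]
# Hypothetical forward table; only web-acl-8 / 999 / 10.10.10.3:80 comes from the post.
FORWARDS = [
    {"acl": "web-acl-8", "remark": "http to switch", "public_port": 999,
     "inside": "10.10.10.3", "inside_port": 80},
    {"acl": "web-acl-9", "remark": "https to switch", "public_port": 1999,
     "inside": "10.10.10.3", "inside_port": 443},
]
MIN_PREFIX = 16  # assumption: refuse anything broader than a /16 in the allow-list


def normalize(allowed):
    """Validate sources, clear host bits, drop duplicates and merge overlaps."""
    nets = []
    for cidr in allowed:
        net = ipaddress.IPv4Network(cidr, strict=False)
        if net.prefixlen < MIN_PREFIX:
            raise ValueError(f"{cidr} is broader than /{MIN_PREFIX}")
        nets.append(net)
    return list(ipaddress.collapse_addresses(nets))


def render(allowed, forwards, policy="Public"):
    """Return config lines: one ACL per forward, then the policy-class NAT rules."""
    nets = normalize(allowed)
    names = [fw["acl"] for fw in forwards]
    if len(names) != len(set(names)):
        raise ValueError("duplicate ACL name")
    lines = []
    for fw in forwards:
        for port in (fw["public_port"], fw["inside_port"]):
            if not 1 <= port <= 65535:
                raise ValueError(f"bad port {port}")
        lines += [f"ip access-list extended {fw['acl']}", f"remark {fw['remark']}"]
        # hostmask is the wildcard mask form used in the post (e.g. /27 -> 0.0.0.31)
        lines += [f"permit tcp {n.network_address} {n.hostmask} any eq {fw['public_port']} log"
                  for n in nets]
    lines.append(f"ip policy-class {policy}")
    lines += [f"nat destination list {fw['acl']} address {fw['inside']} port {fw['inside_port']}"
              for fw in forwards]
    return lines


if __name__ == "__main__":
    print("\n".join(render(ALLOWED, FORWARDS)))
```

Review the generated lines before pasting them into the router; the script only formats text and does not check how the device evaluates the resulting policy class.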