
allowing only a client from a private network

I have a client workstation that is in a private network (172 range) that wants to access my network through my Sidewinder firewall. He gave me his private address. Of course this will not work since it is a private address. He could give me the external interface of his internet-facing firewall, but this would allow everybody in from his LAN or WAN, and of course I do not want that. How do I tie it down to his workstation only?

4 Replies
sliedl
Level 14
Message 2 of 5

Re: allowing only a client from a private network

Do you want this client to have access to your whole internal network?  Or just some specific machine on a specific port?  If it's the whole network then you should create a VPN for him.

Re: allowing only a client from a private network

Just a machine (Web Server) on a specific port (443).

sliedl
Level 14
Message 4 of 5

Re: allowing only a client from a private network

Make a rule on some other port, like 4434, set the source to his external IP, and redirect it to your internal webserver on port 443 (change the redirect port from 0 to 443).  Unless someone from his company using that same IP is scanning your external IP for open ports and then trying to connect on them, I don't see how anyone else will use that rule besides him.  Then you give him https://x.x.x.x:4434 and he can get to the server on the inside.
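
Added example, not part of the post above and not Sidewinder configuration: a small Python model of the rule it describes, showing that the source restriction is evaluated on the address seen after the client's own NAT. All addresses, the `172.16.0.0/12` client LAN and the function names are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample values; none of these addresses come from the thread.
CLIENT_LAN = ipaddress.ip_network("172.16.0.0/12")  # assumed "172 range"
CLIENT_EXTERNAL_IP = "203.0.113.10"  # client's internet-facing firewall
FW_EXTERNAL_IP = "198.51.100.5"      # our firewall's external address
WEB_SERVER = ("10.1.1.20", 443)      # internal web server behind the rule
RULE_PORT = 4434                     # non-standard port from the post


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int


def client_side_nat(pkt):
    """The client's firewall hides every LAN source behind one external IP."""
    if ipaddress.ip_address(pkt.src) in CLIENT_LAN:
        return Packet(CLIENT_EXTERNAL_IP, pkt.dst, pkt.dport)
    return pkt


def redirect_rule(pkt):
    """Source-restricted redirect: returns the internal target, or None if denied."""
    if (pkt.src == CLIENT_EXTERNAL_IP and pkt.dst == FW_EXTERNAL_IP
            and pkt.dport == RULE_PORT):
        return WEB_SERVER
    return None


def reaches_server(original_src, dport=RULE_PORT):
    """Follow one connection attempt from its original source to the rule."""
    return redirect_rule(client_side_nat(Packet(original_src, FW_EXTERNAL_IP, dport)))


if __name__ == "__main__":
    for src in ("172.16.5.23", "172.16.5.99", "192.0.2.77"):
        print(src, "->", reaches_server(src))
```

Both `172.16.x.x` hosts are redirected because the firewall only ever sees `203.0.113.10`; separating one workstation from its neighbours therefore has to happen above the packet filter, for example with authentication on the web server.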

Re: allowing only a client from a private network

You first need to create a network object bound to your web server. You will then need to create a rule in your firewall. Select the application, source.... In destination, put the public IP address (you could create an alias), and in the redirect field, specify the network object that you have created (the private IP address of your web server).

I think NAT is supposed to be set to none.

Please let us know if that works.

Mehdi