ip port-forward

Syntax

ip port-forward tcp|udp [<public-ip>:]<public-port> <mac>|island [<dest-port>]

Syntax Description

Defaults

By default, port-forwarded connections will be accepted on any of the Island's interface IP addreses, and the destination port number will not be modified.

Usage Guidelines

Island normally blocks all inbound connection attempts from the Internet (i.e., on WAN ports) or on other internal networks (LANs) to internal devices. This command provides a method to allow inbound connections to specific internal devices (or to the Island itself) on specific TCP and UCP ports. In essence, it opens a "hole" in the internal stateful firewall for specific internal services.

If the public IP address is not specified, connections will be accepted an any of Island's interface addresses on the specified TCP or UDP port. Use care when doing this on ports used for internal management (e.g., TCP ports 22, 443, and 4443) or incoming VPN connections (UDP port 51820 or as defined by the vpn port command, and UDP port 3006) as the port-forward will make those services unavailable on those ports.

If the public IP address is specified, connections will be accepted only on that address.

The maximum number of port-forward commands is 1024.

Examples

Related Commands