Upcoming Maintenance Alert:

The UBNT Community will be upgraded at 5pm MDT on April 25th. During this time the community forums will be set to read-only status.

Learn more

Posts: 104
Registered: ‎01-10-2014
Kudos: 4
Solutions: 2

Securing server open ports to specific hosts?



I have a question that I'm not sure if there's an answer to. I'm running an entire Unifi setup for my house. I am big into home automation and leverage Amazon's Echo when I can. A new feature to the Echo came out where I can ask it to access my media library and automatically play movies, music, etc via voice commands. In order to do this however, Amazon's Alexa web services have to be able to access my media server on a specific port. Therefore, at this time, my media server [Plex] has remote access turned on an I've created a Port-Forward on the USG to allow traffic to my server. 


I wanted to see if I could take this one step further and somehow scope the access to only Amazon. Granted, this would mean I would need the address range amazon is using or perhaps I can scope via Domain, however, it this something the USG can do at Layer 3, stopping the traffic from passing the USG? Or would I need to do this from a software firewall standpoint, blocking access at the actual server?


Thanks in advance!