DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Help with 2820Vn Firewall Filter Rules

08 Nov 2009 19:41 #1 by zappan
I would like help in setting up Filter Rules in the Draytek 2820Vn router that has just been purchased. The manual and FAQ on this subject are not helpful for novices like myself.

The router is up and running using a static IP address. I have a NAS server that I want to be able to access through the internet. I have set this up using one of the 5 static IP addresses. It has been placed in the DMZ zone and can be accessed using one of the router’s internal IP, e.g. 192.168.1.18

My only concern is that since this NAS device is in the DMZ area, I need to add further filters to protect it. However, I find it difficult to do what I want in the Allow and Block Rules Filter rules.

For example, I only want to access certain services on the NAS such as web, FTP 21, HTTP and HTTPS 80, 443.
I can access on my internal network but I am unable to access from outside (WAN). I have tried to create the following filter without luck to access HTTP. If however I untick Filter Set Rule 2 then I am able to access. I have set up a filter rule as follows:

Filter Set 2 Rule 2
Comment: Block All
Direction: from WAN > LAN
source ip = Any
destination ip = 192.168.1.18
service type = Any
fragments = Don’t Care
rule = block if no further match

Filter Set 2 Rule 3
Comment: Allow HTTP
Direction: from WAN > LAN
source ip = Any
destination ip = 192.168.1.18
service type = tcp, Port from any to 80
fragments = Don’t Care
rule = Pass Immediately

Whenever I try to access from outside, the server is being blocked. I have opened the port 80 in the open port section.
Would appreciate help with this. Thanks

zappan

09 Nov 2009 21:51 #2 by lorian
You could try

Filter Set 2 Rule 2
Comment: Allow HTTP
Direction: from WAN > LAN
source ip = Any
destination ip = 192.168.1.18
service type = tcp, Port from any to 80
fragments = Don’t Care
rule = Pass Immediately

Filter Set 2 Rule 12
Comment: Block All
Direction: from WAN > LAN
source ip = Any
destination ip = 192.168.1.18
service type = Any
fragments = Don’t Care
rule = Block Immediately

Make the block rule 12 so you have room to fit in others before it.

You might consider using a VPN connection for better protection.
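
The ordering advice in reply #2, as an added example that is not part of the original posts or of DrayTek's software: a small Python model that assumes rules are checked in ascending rule number and that a "Pass Immediately" or "Block Immediately" match ends evaluation ("... if no further match" actions are not modelled). The HTTPS and FTP rules and rule 13 are constructed for illustration; `shadowed` flags a rule that can never fire because an earlier rule already covers it.

```python
from dataclasses import dataclass
from typing import Optional

ANY = None  # wildcard for protocol or destination port

@dataclass(frozen=True)
class Rule:
    number: int             # position in the filter set
    comment: str
    proto: Optional[str]    # "tcp", "udp" or ANY
    dport: Optional[int]    # destination port or ANY
    action: str             # "pass" or "block", both treated as "Immediately"

    def matches(self, proto: str, dport: int) -> bool:
        return self.proto in (ANY, proto) and self.dport in (ANY, dport)

    def covers(self, other: "Rule") -> bool:
        # True when every packet matching `other` also matches this rule
        return self.proto in (ANY, other.proto) and self.dport in (ANY, other.dport)

def evaluate(rules, proto, dport):
    """Return (action, rule number) of the first matching rule, lowest number first."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.matches(proto, dport):
            return r.action, r.number
    return "no-match", None

def shadowed(rules):
    """Return (later, earlier) rule-number pairs where the later rule can never fire."""
    ordered = sorted(rules, key=lambda r: r.number)
    return [(late.number, early.number)
            for i, late in enumerate(ordered)
            for early in ordered[:i] if early.covers(late)]

# Rule numbers and ports from the thread; destination is always 192.168.1.18
WORKING = [Rule(2, "Allow HTTP", "tcp", 80, "pass"),
           Rule(12, "Block All", ANY, ANY, "block")]
# Constructed: further allows slotted into the gap before rule 12
EXTENDED = WORKING + [Rule(3, "Allow HTTPS", "tcp", 443, "pass"),
                      Rule(4, "Allow FTP", "tcp", 21, "pass")]
# Constructed mistake: an allow numbered after the catch-all block
MISPLACED = WORKING + [Rule(13, "Allow HTTPS", "tcp", 443, "pass")]

if __name__ == "__main__":
    for name, rs in [("working", WORKING), ("extended", EXTENDED), ("misplaced", MISPLACED)]:
        print(name, [evaluate(rs, "tcp", p) for p in (80, 443, 21, 23)], shadowed(rs))
```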

11 Nov 2009 12:40 #3 by zappan
Thanks Lorian.

I have done as you said and it is working now.

I will try out the VPN when I get home this evening. Would I be able to login to my NAS device from my office or anywhere if I use Draytek Smart Client VPN tool?

Regards

zappan
