DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Restrict Port forward by WAN IP
- dippy_x
- Topic Author
- Offline
- New Member
Less
More
- Posts: 2
- Thank you received: 0
08 Nov 2011 12:30 #69978
by dippy_x
Restrict Port forward by WAN IP was created by dippy_x
Hi,
I have a Draytek 2830VN.
I want to restrict port forward based on WAN IP. eg If I want to port forward RDP, 3389, but only want a certain external WAN IP to be allowed to access this server. Is this possible with the draytek? The port forward rules only let me select all wan IP or IP aliases that I have added to the WAN connection. If I was to add an external IP to the wan aliases that is not one of my own static IP addresses - would this fix?
Thanks
I have a Draytek 2830VN.
I want to restrict port forward based on WAN IP. eg If I want to port forward RDP, 3389, but only want a certain external WAN IP to be allowed to access this server. Is this possible with the draytek? The port forward rules only let me select all wan IP or IP aliases that I have added to the WAN connection. If I was to add an external IP to the wan aliases that is not one of my own static IP addresses - would this fix?
Thanks
Please Log in or Create an account to join the conversation.
- nealuk
- Offline
- Member
Less
More
- Posts: 465
- Thank you received: 0
08 Nov 2011 17:37 #69981
by nealuk
Replied by nealuk on topic Re: Restrict Port forward by WAN IP
Do the port forwarding as normal. Then use Firewall > Filter > Default Data Filter under which to add your Index requirements for RDP.
e.g. 2 ) Filter Block if no further match
3) Filter pass immediately
e.g. 2 ) Filter Block if no further match
3) Filter pass immediately
Please Log in or Create an account to join the conversation.
- dippy_x
- Topic Author
- Offline
- New Member
Less
More
- Posts: 2
- Thank you received: 0
09 Nov 2011 08:20 #69988
by dippy_x
Replied by dippy_x on topic Re: Restrict Port forward by WAN IP
Thanks - that make sense.
I have one other query:
on the old netgear, I had some rules which port forward email/25 to a different internal IP for TLS encryption. So I would specify the company who we need to encrypt TLS email with as the WAN user/IP and then set my port forward. Under that, I would set my normal port forward which would catch all other WAN connections.
Any ideas on how I could achieve this?
eg (all IPS are fake/examples)
WAN IP 220.194.132.26 TCP 25 -> internal IP 10.0.0.5
WAN IP * TCP 25 -> Internal IP 10.0.0.6
I guess what I am looking to do is attach a firewall rule to a particular port forward rule?
Thanks
I have one other query:
on the old netgear, I had some rules which port forward email/25 to a different internal IP for TLS encryption. So I would specify the company who we need to encrypt TLS email with as the WAN user/IP and then set my port forward. Under that, I would set my normal port forward which would catch all other WAN connections.
Any ideas on how I could achieve this?
eg (all IPS are fake/examples)
WAN IP 220.194.132.26 TCP 25 -> internal IP 10.0.0.5
WAN IP * TCP 25 -> Internal IP 10.0.0.6
I guess what I am looking to do is attach a firewall rule to a particular port forward rule?
Thanks
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek