Description:
This article describes how to allow port forwarding for specific connection sources only.
Requirements:
- Previously configured and functional Internet connection
- Previously configured and functional port forwarding (also see )
- Fixed public IPv4 address at each location that requires access to the destination by means of port forwarding
Procedure:
1) Deny inbound communications via port forwarding:
Note:
The following steps are only necessary if there is no firewall rule already in place that prohibits incoming traffic to the local network (e.g. a deny-all rule).
1.1) In LANconfig, open the configuration dialog for the router and switch to the menu item Firewall/QoS -> IPv4 rules -> Rules.
1.2) Click on Add to create a new entry.
1.3) On the General tab, make a meaningful entry for the Name of this rule.
1.4) Change to the Actions tab and check that the action object REJECT is in place.
1.5) Now switch to the Stations tab and make the following adjustments:
2) Allow inbound communication from specific sources:
2.1) Create another entry under Firewall/QoS -> IPv4 rules -> Rules.
2.2) On the General tab, make a meaningful entry for the Name of this rule.
2.3) Switch to the Actions tab, delete the object REJECT and add the object ACCEPT.
2.4) Now switch to the Stations tab and make the following adjustments:
2.5) Change to the Services tab and make the following adjustments:
- Protocols/source services: Leave this setting as all protocols/source services
- Protocols/target services: Set the radio button to the following protocols/target services and click Add.
Select the protocol from the list.
Note:
If the protocol is not included in the list of service objects, click Add custom service and enter the necessary information (this example being HTTPS).
2.6) Write the configuration back to the router.
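The following Python sketch is an added example, not part of the original article and not LANCOM code. It checks a planned list of allowed sources against the requirement of a fixed public IPv4 address per location and models the intended outcome of the two rules (REJECT from step 1, ACCEPT from step 2). The addresses, the names `check_sources` and `decide`, and the list of non-public ranges are assumptions made for illustration.

```python
import ipaddress

# Constructed sample values (documentation addresses), not from the article.
ALLOWED_SOURCES = ["198.51.100.10", "203.0.113.25"]
FORWARDED_SERVICE = ("tcp", 443)  # HTTPS, the service in the article's example

# Ranges that cannot be a location's fixed public IPv4 address.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16")]


def check_sources(sources):
    """Return (entry, problem) pairs for entries unsuitable as allowed sources."""
    problems = []
    for entry in sources:
        try:
            net = ipaddress.ip_network(entry, strict=True)
        except ValueError:
            problems.append((entry, "not a valid IP address"))
            continue
        if net.version != 4:
            problems.append((entry, "not an IPv4 address"))
        elif net.num_addresses != 1:
            problems.append((entry, "a range, not a single fixed address"))
        elif any(net.subnet_of(n) for n in NON_PUBLIC):
            problems.append((entry, "private or otherwise non-public address"))
    return problems


def decide(src_ip, proto, dst_port,
           allowed=ALLOWED_SOURCES, service=FORWARDED_SERVICE):
    """Intended outcome of the two rules for one inbound connection."""
    src = ipaddress.ip_address(src_ip)
    if src in {ipaddress.ip_address(a) for a in allowed} and (proto, dst_port) == service:
        return "ACCEPT"   # rule from step 2: listed source, forwarded service
    return "REJECT"       # rule from step 1: everything else


if __name__ == "__main__":
    for entry, problem in check_sources(ALLOWED_SOURCES + ["192.168.1.20", "203.0.113.0/24"]):
        print(f"{entry}: {problem}")
    for conn in [("198.51.100.10", "tcp", 443), ("192.0.2.77", "tcp", 443),
                 ("198.51.100.10", "tcp", 22)]:
        print(conn, "->", decide(*conn))
```

After writing the configuration back, comparing the router's observed behaviour for the same test connections against the results of `decide` confirms that only the listed sources reach the forwarded service.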