Billion UK Forum

Hi

Why doesn't the below work? Cannot figure out why unless there is something obvious I have missed. All I need is port 3389 (rdp) to go to a specific computer on my network but allow only a certain IP address.

Every time I add the rule, it's completely ignored.

Hi,
Have you set up port 3389 under configuration>virtual server>port mapping ? See my post here:
viewtopic.php?f=17&t=106

Steve

I wanted to be able to restrict an IP address - this cannot be done in virtual server.

Can anyone clarify how to use the firewall on this router? Whatever I add makes no difference.

Hi,
Virtual server opens the port then firewall rules decide what to allow through, try:
in virtual server:
Application RDP
Protocol TCP/UDP
External Port 3389
Internal IP Address 10.10.2.10
Internal Port 3389
Time Schedule Always On

Then in port mapping setup 2 rules:first allows 1 ip access
Rule name 3389.2
IP version IPv4
Internal IP address 10.10.2.10 - 10.10.2.10
External IP address (the public ip you wish to allow access from)
Protocol TCP/UDP
Internal port 3389
External port Any (leave empty)
Direction Incoming
Action Allow
Time Schedule Always on
Log Yes

Second blocks access for everyone else:
Rule name 3389.2block
IP version IPv4
Internal IP address 10.10.2.10 - 10.10.2.10
External IP address Any (leave blank)
Protocol TCP/UDP
Internal port 3389
External port Any (leave empty)
Direction Incoming
Action Drop
Time Schedule Always on
Log Yes

Traffic from IP's other than the one you want to allow will not match the first rule & will be dropped by the second. I've got rules setup on mine for http, ftp & webdav access and the firewall log shows them working fine.

Steve

Excellent - That works - Thanks very much.

Hi,
Glad I could help.

Steve