DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Port redirection and firewall rules

  • ghenry
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
30 Aug 2010 14:33 #1 by ghenry
Port redirection and firewall rules was created by ghenry
Hi,

When using Port Redirection, which port to you use to define your Firewall rules?

For example, say I'm picking off 5000 which goes to an internal IP on port 5050. Which port do I use in my Firewall filters?

Thanks.

Please Log in or Create an account to join the conversation.

More
02 Sep 2010 12:34 #2 by rpg
Replied by rpg on topic Port redirection and firewall rules
Not sure I understand the question but on the 2820 router within NAT -> Port Redirection you specify the external port (5000 in your example) get redirected to a private IP (which you specify) on a private port (5050 in your example).

Any external traffic on port 5000 will then be re-directed to the private IP on port 5050.

Is that what you mean?

Please Log in or Create an account to join the conversation.

  • ghenry
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
02 Sep 2010 12:41 #3 by ghenry
Replied by ghenry on topic Port redirection and firewall rules

rpg wrote: Not sure I understand the question but on the 2820 router within NAT -> Port Redirection you specify the external port (5000 in your example) get redirected to a private IP (which you specify) on a private port (5050 in your example).

Any external traffic on port 5000 will then be re-directed to the private IP on port 5050.

Is that what you mean?



Not quite. I mean to add these rules but also lock them down on the firewall so only certain IPs can get to that port.

Cheers.

Please Log in or Create an account to join the conversation.

More
02 Sep 2010 12:57 #4 by rpg
Replied by rpg on topic Port redirection and firewall rules
Not something that I have ever done but on the 2820 under Firewall -> Filter Setup you can specify a WAN -> LAN rule of external IP going to internal IP on port x with an action of allow. Presumably you would also need to set a WAN -> LAN rule of ALL external IP going to internal IP on port x with an action of BLOCK.

Having said that though - port redirection is port redirection. Its not a filter. Can you filter by external IP on the internal IP device?

Please Log in or Create an account to join the conversation.

  • ghenry
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
02 Sep 2010 21:30 #5 by ghenry
Replied by ghenry on topic Port redirection and firewall rules

rpg wrote: Not something that I have ever done but on the 2820 under Firewall -> Filter Setup you can specify a WAN -> LAN rule of external IP going to internal IP on port x with an action of allow. Presumably you would also need to set a WAN -> LAN rule of ALL external IP going to internal IP on port x with an action of BLOCK.

Having said that though - port redirection is port redirection. Its not a filter. Can you filter by external IP on the internal IP device?



Exactly. Which port do you filter on? I switched on logging and say I redirected 5000 external to 80 internal. Which port do I pick off for the WAN->LAN rule, 5000 or 80?

Please Log in or Create an account to join the conversation.

More
02 Sep 2010 23:23 #6 by voodle
Replied by voodle on topic Port redirection and firewall rules
Because it's WAN to LAN I think it should be port 5000, it'll go in the order of firewall then port redirect.

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami