DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

3300V+ router - help with setting up IP filter

  • mitachu
  • Topic Author
  • Offline
  • New Member
  • New Member
More
20 Jan 2011 16:27 #65766 by mitachu
I'm configuring a new 3300V+ router and am wanting to set up some rules to block outbound traffic. Eventually I'll want to force all HTTP and HTTPS through a proxy server but for the timebeing I want to stop outbound TCP/23 (telnet) to the Internet (WAN1) from everyone on the LAN.

What I've done so far is:

1. Set the IP Filter start group to "Block"
2. In the "Block" group, I've set up a new rule called "Block telnet" which says Source IP: any, Source port: 23, Protocol: TCP, Direction: LAN to WAN
3. The action of this rule is to Block Immediately
4. The "Active" option is ticked

I'd really expect this to work but it doesn't make any difference whatsoever.

Some help on this would really be good! I've read the User Guide PDF downloaded from the Draytek site but it's bloody awful and doesn't cover this area very well.


Cheers.

Please Log in or Create an account to join the conversation.

More
20 Jan 2011 21:16 #65769 by voodle
I can't check the interface right now but the 3300 should be similar to other routers in that you shouldn't specify the source port because due to NAT, that's always random, only specify the destination port and the block rule should then work :)

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami