Hi, I am new to firewall rules. I want to allow only certain wan ip to browse my server.

I have done a factory reset.
setup Wan by IP address in my lan. Then added a server to the sub lan.
Tried accessing from lan to browse, but blocked.
Then I allow open port 80 to my server.
I can now browse from lan.
I set firewall filter as follows as per FAQ.
Set#2 Data
all addresses
Source ports = 80 ~ 80
Dest ports = 80 ~ 80
Block if no further match
all saved and re-booted router.

But I can still browse from the outside.

Once blocked I can then set up a rule to allow certain IP addresses.

Thanks Terry

terrymars wrote: ...Source ports = 80 ~ 80...

Firstly, on the internet the request can travel on ANY port. So set the Source to be 1 to 65535

See this SMTP illustration I put together a short while back: http://forum.draytek.co.uk/viewtopic.php?f=13&t=16578&hilit=+SMTP#p69891

It is for SMTP, but will do fine for your Web concept. Regards, Neal

Hi Neal

Great that worked. I did not know to make source ports any, I assumed it would always come in on 80.

Thanks very much.

Terry