DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Filter rule does not block traffic

18 Feb 2012 15:17 #71266 by incagarcilaso
Filter rule does not block traffic was created by incagarcilaso
On 2830Vn. I have set up two filter rules so that only a single computer (IP) can connect to a computer on the network using RDP (port 3389). The two rules I have set up are as follows:

1. Block all incoming IPs from any port looking to connect to one IP on 3389. This should block all traffic.
2. Allow one IP on any port trying to connect to one IP on 3389. This should then allow just this one workstation through.

However, filter 1 is not applied - it simply does not block traffic. I have not yet activated filter 2 because I wanted to test the block rule first and then allow the single workstation through.

I can still make a connection to 3389 from any workstation, so the block rule is not working. Any help would be greatly appreciated.

21 Feb 2012 14:21 #71300 by rj
Hi,

Check the following example: http://www.draytek.com/user/SupportFAQDetail.php?ID=2084

Hope this helps,

regards,

rj

21 Feb 2012 14:42 #71303 by incagarcilaso
Replied by incagarcilaso on topic Re: Filter rule does not block traffic
Hi rj,

Thanks for the pointer but this was the very set of instructions that I had followed to set this up. It does not work. The filter rule is not applied and access is not restricted.

Matthew

21 Feb 2012 20:29 #71309 by rj
Hi,

Please double-check step-by-step.

I'm using this exact setup without problems.

(Confirm if you're creating this rule on Filter Set 2.)

regards,

rj

21 Feb 2012 20:50 #71312 by incagarcilaso
Replied by incagarcilaso on topic Re: Filter rule does not block traffic
Hi,

I have checked and re-checked. I have it set up as follows:
Filter rule #2 in Filter set #2 after the default NetBIOS to DNS rule.
Direction: LAN to LAN
Source IP: Any
Destination IP: The relevant host IP, which is static.
Service: Relevant port
Fragments: Don't care
Filter: Block immediately.

The rule is checked as active.
I wonder if the problem lies elsewhere. Is this related to any other configuration such as the Default Rule in Firewall, General Setup? Perhaps it is those settings that are incorrect. I also have it set up as rule-based, not user-based. Is that important?
Regards,
Matthew

29 Feb 2012 11:08 #71411 by radicalbadger
Replied by radicalbadger on topic Re: Filter rule does not block traffic
Your direction shows LAN to LAN. Are both your source and destination computers on your local network? If so, the firewall will not block connections even if it is the gateway for both devices as they can talk directly to each other on the local subnet.
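
The same-subnet behaviour described in the reply above can be checked before writing a router filter rule. The following is an added example, not part of the original thread or DrayTek's documentation; the function names and the sample addresses are constructed for illustration.

```python
import ipaddress

def traverses_router(src_iface: str, dst_ip: str) -> bool:
    """Return True if a host configured as src_iface (address/prefix)
    hands packets for dst_ip to its default gateway.

    A host delivers directly (ARP, then Ethernet frame) to any destination
    inside its own configured network, so the router never sees that
    traffic and its filter rules cannot act on it."""
    iface = ipaddress.ip_interface(src_iface)
    dst = ipaddress.ip_address(dst_ip)
    if dst.version != iface.version:
        raise ValueError("source and destination address families differ")
    return dst not in iface.network

def audit(flows):
    """Label each (src_iface, dst_ip, port) flow by whether a rule on the
    router has any chance of seeing it."""
    report = []
    for src_iface, dst_ip, port in flows:
        routed = traverses_router(src_iface, dst_ip)
        verdict = "reaches router" if routed else "bypasses router (same subnet)"
        report.append((src_iface, dst_ip, port, verdict))
    return report

# Constructed sample flows towards an RDP host at 192.168.1.50
SAMPLE_FLOWS = [
    ("192.168.1.20/24", "192.168.1.50", 3389),   # same subnet as the RDP host
    ("192.168.2.20/24", "192.168.1.50", 3389),   # second LAN subnet, routed
    ("192.168.1.200/25", "192.168.1.50", 3389),  # narrower mask puts .50 off-link
]

if __name__ == "__main__":
    for src, dst, port, verdict in audit(SAMPLE_FLOWS):
        print(f"{src:>18} -> {dst}:{port}  {verdict}")
```

For flows reported as bypassing the router, the restriction has to be enforced on the RDP host itself (for example in its own firewall) or the two machines have to be placed on separate subnets so the traffic is routed.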
