rv082, still not luck with port forward/access rules

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by TekNeck, Apr 30, 2007.

  1. TekNeck

    TekNeck LI Guru Member

    Help please,
    I have a RV082 running firmware 1.3.5
    What I am needing is to have one server on the lan visible to one external IP on the outside. I believe a VPN connection would be too much of a burden for this application. I have read some of the previous posts and they have helped me a lot, but I must be missing something still.

    I am wanting to share port 80 of the server with one external ip. Using UPnP I have set a rule pointing port 80 traffic to the internal IP of the server, and left the UPnP service disabled. Then I set the following firewall access rules (and firewall is enabled).

    priority 1; allow; http[80]; wan1; external ip; internal ip; always
    priority 2; deny; http[80]; wan1; any; any; always
    priority 3; deny; http[80]; wan2; any; any; always

    and after resetting the router I still have port 80 visible everywhere!
    I have read where using UPnP will insert hidden rules of lower priority than the user created ones, but I have not yet been able to restrict access to the one external ip.

    I will admit I have little experience with routers, so if there is anything else obvious to check please let me know.

  2. pablito

    pablito Network Guru Member

    If those rules are entered in the order listed then it should work. I do this all the time with SSH. I allow traffic from a list of locations and deny the rest.

    Are you sure that you don't have port forwards also entered instead of UPnP? PF will do what you are experiencing. Or perhaps the rules are not in the order listed.

    Make sure that you don't have remote management enabled.

    And finally, VPN is a good choice for what you describe. More secure and faster (compression).

    Attached Files:

  3. TekNeck

    TekNeck LI Guru Member

    Thank your very much for the reply. I didn't know about the remote management being a problem. I did have it turned on, and also another PF rule, but the PF rule was for another port on the same computer. After fixing these issues I still have port 80 visible everywhere. I haven't had time to test as much as I want. When I do I will let you know what I find.
    Thanks Again,
  4. d__l

    d__l Network Guru Member

    Have you tried a set up with the firewall access rules you listed above, but without the UPnP "forwarding" rule for port 80?
  5. lifted

    lifted LI Guru Member

    i would set a forward for remote desk top if you just need access to the machine, just forward port 3389 to the local ip of the server. any time you put the wan ip into remote desktop it will take you straight to the server. if you need sql, or ftp request to forward to the server do the same using the correct ports.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice