Knowledgebase: Vigor2960
How to Restrict Incoming Connections from the Internet using Vigor2960 Router
Posted by Paul Ang on 03 May 2017 11:10 AM

In this example, we will configure the Vigor2960 router using Objects so that only MyPC is allowed RDP access to PC1.

 

 

Step 1: Configure Port Redirection

            1. Go to NAT>>Port Redirection and click the Add button.

               a. Enter Profile name (e.g. RDP).

               b. Select Enable to activate this profile.

               c. Enter Public Port (e.g. 514).

               d. Enter Private IP address which is PC1’s IP address (192.168.1.12).

               e. Enter Private Port as RDP Port (3389).

               f. Click Apply to save your settings.

Step 2: Create Objects

            1. Create Object for “MyPC”.

                a. Go to Object Settings>>IP Object and click the Add button.

                b. Enter Profile as “MyPC”.

                c. Select Address Type as Single.     

                d. Enter “MyPC” public IP address.

                e. Click Apply to save your settings.

     

         2. Create Object for “PC1”.

             a. Go to Object Settings>>IP Object and click the Add button.

               b. Enter Profile as “PC1”.

               c. Select Address Type as Single.

               d. Enter “PC1” IP address.

               e. Click Apply to save your settings.

         3. Create Object for RDP Port.

             a. Go to Object Settings>>Service Type Object and click the Add button.

             b. Name Profile as “RDP”.

             c. Enter Destination Port as RDP port (3389~3389).

             d. Click Apply to save your settings.

Step 3: Create Firewall Filters

            1. Create a filter rule that blocks all RDP traffic to PC1 unless a further filter rule matches it.

                a. Go to Firewall>>Filter Setup and click the Add button.

               b. Select “Enable” and name the group as “Block All”.

               c. Click Apply to save your settings.

 

                d. Inside the Group (Block All), click the Add button to create a Rule.

               e. Name profile as “Block All” and select “Enable”.

               f. Select Action as “Block if no Further Match”.

               g. For source IP, leave it as any IP address.

               h. For destination IP, select IP Object “PC1”.

               i. For service type, select Service type Object “RDP”.

               j. Click Apply to save your settings.

         2. Create a filter rule that allows only MyPC to access PC1 remotely using RDP.

             a. Go to Firewall>>Filter Setup and click the Add button.

               b. Select “Enable” and name the group as “Allow RDP”.

               c. Click Apply to save your settings.

                d. Inside the Group (Allow RDP), click the Add button to create a Rule.

               e. Name profile as “Allow RDP” and select “Enable”.

               f. Select Action as “Accept”.

               g. For source IP, select IP Object “MyPC”.

               h. For destination IP, select IP Object “PC1”.

               i. For service type, select Service type Object “RDP”.

               j. Click Apply to save your settings.
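
The interaction of the two rules in Step 3, as an added example (a simplified model, not part of the original article and not DrayTek code). Assumptions: the MyPC address 203.0.113.10 is a constructed placeholder, the filter sees the destination after port redirection (PC1, port 3389), and traffic that matches no rule is accepted by default.

```python
# Added illustration: simplified model of how the Step 3 filter rules combine.
# Not DrayTek code; the evaluation semantics below are assumptions.
from dataclasses import dataclass
from ipaddress import ip_address

MYPC = ip_address("203.0.113.10")   # constructed placeholder for MyPC's public IP
PC1 = ip_address("192.168.1.12")    # PC1's private IP from Step 1
RDP_PORT = 3389                     # Service Type Object "RDP" (3389~3389)

@dataclass
class Rule:
    name: str
    action: str     # "accept", "block" or "block_if_no_further_match"
    src: object     # an IP address, or None for "any"
    dst: object
    dport: int

    def matches(self, src, dst, dport):
        return ((self.src is None or self.src == src)
                and self.dst == dst and self.dport == dport)

# Rules in the order the article creates them.
RULES = [
    Rule("Block All", "block_if_no_further_match", None, PC1, RDP_PORT),
    Rule("Allow RDP", "accept", MYPC, PC1, RDP_PORT),
]

def evaluate(src, dst, dport, rules=RULES, default="accept"):
    """Return the verdict for one inbound connection (post-redirection view)."""
    src, dst = ip_address(src), ip_address(dst)
    pending = None                  # verdict deferred by an "if no further match" rule
    for rule in rules:
        if not rule.matches(src, dst, dport):
            continue
        if rule.action in ("accept", "block"):
            return rule.action      # immediate verdict, evaluation stops here
        pending = "block"           # applies only if no later rule matches
    return pending or default       # assumed default policy when nothing matched

if __name__ == "__main__":
    # MyPC, then a constructed address standing in for "a different computer".
    for src in ("203.0.113.10", "198.51.100.77"):
        print(src, "->", evaluate(src, "192.168.1.12", 3389))
```

Evaluating the rule list without “Block All” shows why that rule is needed: under the assumed default, the redirected port would be reachable from any source address.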

Step 4: Testing

            1. Use Windows Run to launch the Remote Desktop application.

            2. Enter the public IP address and port number of PC1.

            3. Use a different computer to test the firewall policies.

            4. Repeat steps 1 and 2.

 
