vic45708
asked on
How can I controll acess to my FTP server with a RV082
I have a Linksys router RV082. I have set firewall rules to only allow inbound port 21 from my office 62.33.33.21 [WAN1] (source) to the server 192.168.1.10 (destination) using Access Rules and no traffic is being passed to the server. When I added Forwarding (port range) the FTP works fine, except I can also FTP from my house. Thus the firewall rule is out the door as all inbound 21 traffic is forwarding to the server. At this point I have both firewall rules and port forwarding in effect.
I need to restrict all inbound traffic to the LAN and allow only specific ports to go to the server from my office and nowhere else.
Where did I go wrong?
I need to restrict all inbound traffic to the LAN and allow only specific ports to go to the server from my office and nowhere else.
Where did I go wrong?
In order to correctly configure the FTP service you have to include the port 20 (used for FTP data transfer).
ASKER
I used the 21 as an example, as I type slow.
I have 7 ranges that I am forwarding including 20-23 for FTP and Telnet.
I have Rule 1 as 20-23, with the above settings.
I have 7 ranges that I am forwarding including 20-23 for FTP and Telnet.
I have Rule 1 as 20-23, with the above settings.
Only FTP server use port 21, the FTP client use a random port for FTP connection, so you have to create a rule ANY to 20-21 for FTP service.
Please send a screenshot of rules.
Please send a screenshot of rules.
ASKER
Here are the screen shots of the firewall and port forwarding.
Remember ... all of my services are working.
I am trying to restrict access from anywhere but from my office IP.
Firewall.doc
Remember ... all of my services are working.
I am trying to restrict access from anywhere but from my office IP.
Firewall.doc
try to change the destination in your access rules to your public ip address.
ASKER
I made the change and it made no difference. [in the access rules I changed 192.168.0.10 to the ip of the server site]
I am still able to reach the server from home.
I am still able to reach the server from home.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.