We help IT Professionals succeed at work.

Linksys/Cisco RV082 turn off firewall for specific IP addresses

rbienstock asked
I'm having problems using my TiVo Premiere XL boxes on my network that is located behind a Linksys/Cisco RV082. These boxes do periodic connections to TiVo's servers and occasionally these connections fail for some unknown reason. The one sure-fire fix for the problem is to turn off the firewall at the router for the duration of the connection. Obviously, that isn't something that I want to permanently leave off.  TiVi has given me a list of about 30 ports that it says have to be open both incoming and outgoing. I can't seem to find any place in the settings where I can open outgoing ports, and it appears that the only place I can deal with incoming ports is in the port forwarding section. But I don't think that that will solve my problem because from what I can tell, even if I set up a service for each one of the ports that TiVo wants me to open, all the router will let me do is to forward traffic on that port to a specific network IP address.  The problem is that I have more than one TiVo box and all the boxes need the same set of ports open. On other firewalls that I've seen, you can set up a policy that opens a specific list of ports and then you can assign that policy to various internal IP addresses. The RV082 doesn't seem to let you do that. One thing I thought of was that there is an "all traffic" service that involves all available TCP and UDP ports. What would happen if I assigned this service to each one of my TiVo boxes? Would that effectively and completely open those boxes to the web (not a problem as there are no TiVo viruses that I am aware of) while maintaining the firewall on the rest of my network, as well as specific port forwarding assignments for other devices?
Watch Question

luc_roySystem Admin

Go into

Firewall -> Access Rules

here you can add a map with inbound all to your TIVO.  If the port is not in the list the click

Service Management and add the one you need.

This is how I open ports to a specific IP.  Make sure your IP is static on the TIVO.


Aha! so looking at the Access Rules tab, it appears that I would have to create two rules for each TiVo, one for inbound and one for outbound. For inbound, the Service would be All Traffic, the Source Interface would be Any, the source would be Any and the destination would be the static IP of each tivo. For outbound, the Service would be All Traffic, the Source interface would be LAN, the Source would be the Static IP of each TiVo and the destination would be Any. Or would I not need the second rule because there is supposed to be a global rule allowing all traffic from the LAN to access the WAN?
System Admin
the lan to the WAN will take care of itself.  Yes make one rule for each service and each IP unless it's a range then you can do that.