NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

dfilip's avatar
dfilip
Guide
Mar 25, 2019
Solved

BR500 Firewall Problems

Anyone here have experience with the BR500 VPN Firewall / Router and getting Firewall => Traffic Rules working?  I'm using the web console, and not Insight.   I have set up From an external IP (W...
  • dfilip's avatar
    dfilip
    Mar 27, 2019

    Brilliant!  That works beautifully - thanks!

     

    I was just thinking about this wrong, and now understand.  On my FVS318Gv2, the once screen did both the port fowarding and the access restrictions.  On the BR500, if I think of Traffic Rules as JUST iptables, and nothing else, then this makes perfect sense.  Always provide the accept rules first, and then drop everything else later.  Got it.

     

    I can now move foward ... the fun will be when I start adding more rules, and need re-order the accept and drop rules ... all without a visual editor ... ;-)

     

Retired_Member's avatar
Retired_Member
Mar 27, 2019

dfilip 

 

Very appreciate the description in detail, your requirment, establish the connecion from Cloud to Local with port 5984, allow public address 34.233.185.29 to access only, I think you can achieve that with BR500.

Step1: using port forwarding under firewall, to mapping 5984, after that, Cloud can reach local on 5984 with BR500 WAN IP address

Step2: Create two traffic rules under firewall, allow the connection between Cloud and local

           - rule1, From local 192.168.1.170 in LAN to 34.233.185.29 on WAN, action Accept

           - rule2, From local 192.168.1.170 in LAN to any rounter IP outside on WAN, action Drop

 

Let's know if you have any unclear, thanks

 

dfilip's avatar
dfilip
Guide
Mar 27, 2019

Brilliant!  That works beautifully - thanks!

 

I was just thinking about this wrong, and now understand.  On my FVS318Gv2, the once screen did both the port fowarding and the access restrictions.  On the BR500, if I think of Traffic Rules as JUST iptables, and nothing else, then this makes perfect sense.  Always provide the accept rules first, and then drop everything else later.  Got it.

 

I can now move foward ... the fun will be when I start adding more rules, and need re-order the accept and drop rules ... all without a visual editor ... ;-)

 

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More