BR200: How to block WAN completely except for some IP addresses?
We have an isolated LAN in our lab. We want to use BR200 as a gateway for a pair of special IPs and services (https and ssh). Other LAN WAN traffic should be blocked.
How can I configure this via the web interface for BR200? On our very old router ProSafe FVS338, under LAN WAN Rules there is an option Default Outbound Policy: Block Always.
I have not found anything comparable for BR200.
Accepted Solutions
Dear @antinode,
I apologise for my silence due to an illness. Now I was able to test the BR200 extensively. Well, the device gives me a very buggy impression. For example, the instructions in the firewall traffic rules are sporadically not accepted and to be sure, you have to reboot the router...
I could of course block most services, 1-21, 23-442, etc. but that does not prevent e.g. an https page from being opened on an undesired server.
I achieved the desired result via settings in the firewall traffic rules.
One has to keep in mind that the order of the rules is important.
So one must first allow the IPs that one wants
1. IP for WIKI ACCEPT
2. IP for GITLAB ACCEPT
3. IP for Timeserver ACCEPT
After that it's possible to block the rest
4. ALL IPs DROP
Thank you for your help and best wishes!
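
The ordering point in the accepted solution, shown as an added example (not part of the original post and not NETGEAR code): a small evaluator that assumes top-down, first-match rule processing, plus a check that flags rules made unreachable by an earlier catch-all. The addresses are constructed from documentation ranges, and the ports (443, 22, 123) are assumptions.

```python
import ipaddress

# Constructed rule sets. Addresses are RFC 5737 documentation ranges, not the
# poster's real servers; ports (443/22 for wiki and GitLab, 123 for NTP) are assumed.
# Protocol (TCP/UDP) is ignored to keep the model small.

def rule(name, dest, ports, action):
    return {"name": name, "dest": ipaddress.ip_network(dest),
            "ports": ports, "action": action}

ALLOW_FIRST = [
    rule("wiki", "192.0.2.10/32", {443}, "ACCEPT"),
    rule("gitlab", "192.0.2.20/32", {22, 443}, "ACCEPT"),
    rule("timeserver", "198.51.100.5/32", {123}, "ACCEPT"),
    rule("all-ips", "0.0.0.0/0", None, "DROP"),  # ports=None means any port
]
# The same four rules with the catch-all DROP moved to the top.
DROP_FIRST = [ALLOW_FIRST[3]] + ALLOW_FIRST[:3]

def matches(r, dest_ip, port):
    in_net = ipaddress.ip_address(dest_ip) in r["dest"]
    return in_net and (r["ports"] is None or port in r["ports"])

def evaluate(rules, dest_ip, port, default="DROP"):
    """Return (action, rule name) of the first matching rule, top-down."""
    for r in rules:
        if matches(r, dest_ip, port):
            return r["action"], r["name"]
    return default, "default"

def covers(earlier, later):
    """True if every packet matching `later` also matches `earlier`."""
    ports_ok = earlier["ports"] is None or (
        later["ports"] is not None and later["ports"] <= earlier["ports"])
    return later["dest"].subnet_of(earlier["dest"]) and ports_ok

def shadowed(rules):
    """Names of rules that can never fire because an earlier rule covers them."""
    return [later["name"] for i, later in enumerate(rules)
            if any(covers(e, later) for e in rules[:i])]

if __name__ == "__main__":
    for label, rs in (("allow-first", ALLOW_FIRST), ("drop-first", DROP_FIRST)):
        print(label, evaluate(rs, "192.0.2.10", 443), "shadowed:", shadowed(rs))
```

Running `shadowed()` over an exported rule list before applying it catches the case where a broad DROP sits above the ACCEPT entries it was meant to follow.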
All Replies
Re: BR200: How to block WAN completely except for some IP addresses?
> [...] Other LAN WAN traffic should be blocked.
Inbound connections are blocked by default. Don't run software
which makes outbound connections?
> I have not found anything comparable for BR200.
I've never touched a BR200, and the User Manual is far from
comprehensive, so I know nothing, but what's wrong with the usual
ADVANCED > Security > Block Services stuff, with a rule for ports
1-65535?
Visit http://netgear.com/support , put in your model number, and look
for Documentation. Get the User Manual (at least). Read. Look for
"Block specific services and applications from the Internet"?