Menu
What's new
By:
Filters Better Search

Custom inbound port forwarding/firewall rules that are restricted to specific WAN IP address ranges

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

J

Jason303

New Around Here
Custom inbound port forwarding/firewall rules that are restricted to specific WAN IP address ranges.

I am looking for some advice on which router I should purchase. The router can be wired or wireless (I would disable the wireless if it had it) with one WAN port and four or more wired LAN ports.

The main feature I need is the ability to create firewall port forwarding rules such as HTTP, HTTPS and other custom inbound services that would only work for WAN IP addresses in a specific range: XXX.XXX.XXX.XXX through YYY.YYY.YYY.YYY. The range of WAN IP addresses typically includes 10 different sequential IP addresses, such as XXX.XXX.XXX.123 through XXX.XXX.XXX.133.

For example:

Service Name: HTTP (TCP port 80)
LAN Server IP Address: 192.168.1.2
WAN Users: 123.456.789.123 through 123.456.789.133

So far I haven’t had much luck finding a router that can do this…

The first router, ASUS RT-AC68U, could only enter firewall rules for a single IP address per rule with a limit of 32 total rules. This wouldn’t work because I would run out of rules before configuring it and this would be a hassle to implement and administrate.

The second router, DLink DIR-890L, would allow me to enter the rules but would delete them every time I went to save them. I even tried the beta firmware version 1.09 that did the same thing. I documented the issue on the DLink forum: http://forums.dlink.com/index.php?topic=63841.0

I could really use some suggestions on which router to go with since this WAN address filtering doesn’t appear to be something that a lot of everyday users are doing with their mainstream routers and it vital to me for selecting a new router.

The best performing WAN to LAN, LAN to WAN and total throughput router $300 or less would be my preference.

Thank you!
 
I think you want a router which supports ACL, access control lists, in the router otherwise you are stuck modifying iptables which are not user friendly. With an ACL you can use scopes so you do not need to enter every IP address.

I have a Cisco RV320 router which supports ACLs but I am having a problem with routing multiple networks so I am waiting for new firmware. Maybe read the specs on the wired only Linksys router to see if they have ACLs on current routers. They did in the old days with the older routers. The ER light may be configured using ACLs in the GUI interface. You need to check. There are probably others. Hopefully other people will chime in.
 
coxhaus said:
I think you want a router which supports ACL, access control lists, in the router otherwise you are stuck modifying iptables which are not user friendly. With an ACL you can use scopes so you do not need to enter every IP address.

I have a Cisco RV320 router which supports ACLs but I am having a problem with routing multiple networks so I am waiting for new firmware. Maybe read the specs on the wired only Linksys router to see if they have ACLs on current routers. They did in the old days with the older routers. The ER light may be configured using ACLs in the GUI interface. You need to check. There are probably others. Hopefully other people will chime in.
Click to expand...

Thanks for the suggestion! I'm guessing from the lack of response to this topic that my request is not common? /shrug
 
Jason303 said:
Thanks for the suggestion! I'm guessing from the lack of response to this topic that my request is not common? /shrug
Click to expand...

Yes your situation is a little out of the ordinary. When you pair that with the requirement to have at least 4 LAN ports and $300 or under, it makes it pretty difficult.
The two that come to my mind that meet these requirements are the Ubiquiti Edgerouter POE-5 and the ZyXEL ZyWALL USG40.
I have both but no longer use the Ubiquiti as I needed some of the advanced features on the Zyxel. They can both do what you want, but you may have to use command line programming on the Ubiquiti. The ZyXel can do what you want but it may be overkill (though it does meet all your criteria).
I would also bet that MikroTik makes a router that would meet all your requirements, but I am not very familiar with them.
 
abailey said:
Yes your situation is a little out of the ordinary. When you pair that with the requirement to have at least 4 LAN ports and $300 or under, it makes it pretty difficult.
The two that come to my mind that meet these requirements are the Ubiquiti Edgerouter POE-5 and the ZyXEL ZyWALL USG40.
I have both but no longer use the Ubiquiti as I needed some of the advanced features on the Zyxel. They can both do what you want, but you may have to use command line programming on the Ubiquiti. The ZyXel can do what you want but it may be overkill (though it does meet all your criteria).
I would also bet that MikroTik makes a router that would meet all your requirements, but I am not very familiar with them.
Click to expand...

I would love a router as simple as possible that would do the WAN filtered port forwarding. Would you recommend the Ubiquiti Edgerouter POE-5 or ZyXEL ZyWALL USG40 for ease of use and performance? Thanks!
 
abailey said:
Yes your situation is a little out of the ordinary. When you pair that with the requirement to have at least 4 LAN ports and $300 or under, it makes it pretty difficult.
The two that come to my mind that meet these requirements are the Ubiquiti Edgerouter POE-5 and the ZyXEL ZyWALL USG40.
I have both but no longer use the Ubiquiti as I needed some of the advanced features on the Zyxel. They can both do what you want, but you may have to use command line programming on the Ubiquiti. The ZyXel can do what you want but it may be overkill (though it does meet all your criteria).
I would also bet that MikroTik makes a router that would meet all your requirements, but I am not very familiar with them.
Click to expand...

If we didn't have a monetary limit, would there be a better router that works with a more simple installation than the Ubiquiti Edgerouter POE-5 or the ZyXEL ZyWALL USG40?
 
Jason303 said:
If we didn't have a monetary limit, would there be a better router that works with a more simple installation than the Ubiquiti Edgerouter POE-5 or the ZyXEL ZyWALL USG40?
Click to expand...

I don't know if there would be any that are easier. The Zyxel USG40 is pretty simple once you get the hang of it. Everything can be done from the GUI. That being said with more money there would be many more options, some possibly being easier to use. With any prosumer or pro router, though, you will need to have some knowledge about routing in order to set up the rules.
 
You must log in or register to reply here.

Similar threads

Vagabond
ASUS RT-AX58U Firewall Rules
Replies
6
Views
542
rgnldo
rgnldo
B
Firewall lan - vpn?
Replies
0
Views
267
blast
B
C
IPv4 Firewall/Port-Forwarding - Appear to be the same thing on Asuswrt
Replies
4
Views
733
chrisisbd
C
GShlomi
Two WANs but not dual-WAN, with port-forwarding
Replies
7
Views
448
GShlomi
GShlomi
Q
VPN Fusion and firewall/port forwarding
Replies
0
Views
168
qpeg
Q

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 765 (members: 19, guests: 746)
Top