Question

hello all

I have rut950, public static IP on WAN, PC, and RTU on LAN site.

I want to use L2TP as VPN , and comunicate with RTU - iec104 - port 2404, also diagnostic on 443 port.

if PC on LAN will connect be able to go to internet http/https

I want to drop all on WAN site except L2TP, and 2404, 443 port.

I have to say I lost with setting FW - what is necessary "disable",  if do any with "FW General settings" drop In, Out??

What with  ZoneFW, and how to end last line in "FW - Traffic rules"

When I use FW in previous with diffrent webGUI  (no Teltonika) there  was central FW ENA/DISABLE

then 

1step .. allow .. WAN to LAN , possibility IP, ports

last step drop ALL WAN/LAN

What setting from RUT is for enabling FW, for allowed WAN to LAN L2TP, 2404, 443 and for allowed http from LAN to internet?

thanks lot for advice

Jan

Comments

hi,

maybe a bit wrong explanation

FW for L2TP allowed, WAN drop

Answer 1

Hello, 

Regarding your query, you can do it by creating traffic rules you can get more information at this link: 
RUT950 Firewall - Teltonika Networks Wiki (teltonika-networks.com)

Just create rules what you want to drop. Let say you want to allow connection from WAN to L2TP to port 62 you will specify it like this:


Where the source zone is  WAN and Destination zone will be Any and Destination port is 67 and action will set to accept. 

For disabling you can create a different rule. But the same method will apply. 

Regards,
Jerome

Comments

hi,

tNX,

but that open more questions, and about setting zone forward if necessery to solve there wasnt any comment

---

Most likely if you really want to traffic and exclude between zones you will do it on zone forwarding but if you want to do it with certain conditions you will do it on Traffic Rules.

Regards,
Jerome

---

hi,

thanks a lot, I think I am doing small steps to understand method how divided interface/ Ip and port space and use convenient rules.