Configuring Access Rules for restricted port forwarding on your LRT2x4 router

Port Forwarding redirects communication request to a different IP and port.  It is usually used to redirect a request from the WAN side to the LAN side servers. It is very convenient to access your internal servers from external, but you will find that the forwarding rule doesn’t filter out the IP address.  So, if you create a forwarding rule such as HTTP port 80 to, then all of the Internet devices can access your internal Web server.  This article will guide you on how to configure access rules for restricted port forwarding to enhance your network security.
Step 1:
On your web browser, access your Linksys Gigabit VPN router.  For instructions, click here.
Step 2:
Click Configuration > Forwarding.
User-added image
Step 3:
Select the Service, enter the IP Address then click the Add to list button.
NOTE:  The IP address should be in LAN or Multiple Subnet IP range.
User-added image
Step 4:
Click Firewall > Access Rules.
User-added image
Step 5:
Click Add.
User-added image
Step 6:
Enter the values of the IP address range that you want to deny access to the internal Web server.
NOTE:  In this example, an access rule with IP address range ~ has been set to deny from accessing the internal Web server with IP address
User-added image
  • Action – Allow or deny network traffic. 
  • Service – Select TCP/UDP port number.  You can add service in Service Management.
  • Log – Log packets match this rule or not.
  • Source Interface – LAN, WAN1, WAN2 and ANY.
  • Source IP – Enter IP address by range, single, or select ANY.
  • Destination IP – Enter IP address by range, single, or select ANY.
  • SCHEDULING – Set access rules to Always in effect or taken effect by schedule.
QUICK TIP:  You can check the rule list on Access Rules page.  The access rule created can deny TCP/80 request from ~ on WAN1.  If you use dual WAN, create another rule and change source interface WAN1 into WAN2.
User-added image
NOTE:  You can also deny all source IP addresses first, then only allow exclusive IP address such as the following figure shows.  Notice the priority of access rules.
User-added image

Was this support article useful?

Additional Support Questions?
Search Again