Allow internet traffic from one region to a device

Follow

Shaun Williams

• December 24, 2022 16:14

I have a separate VLAN for any devices I want to openly expose ports to the internet on.  For example, I have a Netgear NAS that has a web interface on port 443. However, i would like to only allow US IP addresses to connect.

I am forwarding port 443 to the device. The generic block all traffic from the internet to devices rule is obviously in place. But when I "ALLOW the region United States on NAS device" the connection is refused. If I change the rule to "ALLOW all traffic from Internet on NAS device" it works.  Am I misunderstanding how the Allow United States on NAS device works? 

2

• 

  Firewalla

  • December 24, 2022 17:41

  You should use this to lock traffic https://help.firewalla.com/hc/en-us/articles/1500009502622-Create-Port-Forwarding-on-Gold-Purple#h_01G6WRKH0DA4QVD0JGKG34GBQ5

  If you can't get in, try to look at the block flows and see if the source address is marked correctly

  0

  Comment actions Permalink
• 

  Shaun Williams

  • December 24, 2022 21:33

  Excellent… this works. I knew I was missing something.

  0

  Comment actions Permalink

Please sign in to leave a comment.