Advanced topics Using the firewall command
Digi TransPort WR Routers User Guide
504
Allow HTTPS access on a WAN
To allow HTTPS access on a WAN interface:
1. Open the command-line interface, either from a command prompt or the web interface
System > Device Console option.
2. Use the wan command allow-https-access option to toggle HTTPS access on a WAN. For
example, to allow HTTPS access on WAN 1:
digi.router> wan 1 allow-https-access on
3. Save the configuration.
digi.router> save config
Allow HTTPS access on a WAN from only a specific source IPaddress
To allow HTTPS access on a WAN interface:
1. Open the command-line interface, either from a command prompt or the web interface
System > Device Console option.
2. Use the ip-filter command to allow incoming connections from hosts on the 10.20 network to
HTTPS (port 443). For example, assuming port 443 is the HTTPS port, enter commands similar
to the following:
digi.router> ip-filter 1 description Allow WAN HTTPS only from 10.20
network
digi.router> ip-filter 1 action accept
digi.router> ip-filter 1 src any-wan
digi.router> ip-filter 1 src-ip-address 10.20.0.0/16
digi.router> ip-filter 1 dst-ip-port 443
digi.router> ip-filter 1 state on
3. Use the wan command allow-https-access option to prohibit HTTPS access on a WAN. For
example:
digi.router> wan 1 allow-https-access off
4. Save the configuration.
digi.router> save config
Add a firewall rule
Note Take care when inserting or updating rules. The number of rules and the position of system rules
may change when you configure some TransPort components. See Understanding system firewall
rules for details.
Add a rule to the bottom of the firewall
To add a rule to the bottom of the firewall, use the firewall or firewall6 command –A option, using the
following syntax. The command syntax is case-sensitive.
firewall [-t table] –A <chain> <rule>
To Next Page
Loading...
