Cradlepoint MBR95 User Manual

CRADLEPOINT MBR95| USER MANUAL Firmware ver. 3.2.4

© 2011

CRADLEPOINT, INC. PLEASE VISIT

HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/

FOR MORE HELP AND RESOURCES

PAGE 61

6.4.2

IP Filter Rules

An "Incoming" IP filter rule restricts remote access to

computers on your local network. "Outgoing" filter rules

prevent computers on your local network from initiating

communication to the address range specified in the rule.
This feature is especially useful when combined with port

forwarding and/or DMZ to restrict remote access to a

specified host or network range. For example, you might have opened ports in order to host a gaming server with a port

forwarding rule that could expose your LAN to cyber attacks. With an incoming IP filter rule, you can restrict the access to

your LAN to only the computers of friends who have been invited to join your game.



Name: Name your rule.



Direction: ―Incoming‖ or ―Outgoing‖



Action: ―Allow‖ or ―Deny‖



Start Port: Use for a single port or a range of ports.



End Port: Use for a single port or a range of ports.



Network Address



Subnet Mask

Use

Start Port, End Port, Network Address, and Subnet Mask to

specify the ports and addresses for which the rule applies. You can

specify a range of ports or a single port (by inputting the same value in

both port fields). Similarly, the subnet mask can be used to define

either a range of addresses (i.e. 255.255.255.0) or a single address

(255.255.255.255).

Example of an IP Filter Rule: Suppose you have opened a port in your firewall in

order to run a server. Someone, Johnny, is abusing that opening, so you would like to

restrict his access. Create a rule that will deny Johnny‘s IP address.



Name: No more Johnny



Direction: Incoming



Action: Deny