TL-ER5120 Access Control not working

TL-ER5120 Access Control not working
TL-ER5120 Access Control not working
2020-06-16 18:12:09 - last edited 2020-06-18 01:35:51
Model: TL-ER5120
Hardware Version: V3
Firmware Version: 3.0.3 Build 20180830 Rel.66624

I have a NAT rule to send 3389 from outside my network to a particular system behind the TL-ER5120. I then have an Access Control setup only to allow 3389 to that computer, through my WAN, if I'm connected to my VPN provider. That way, if my Citrix desktops are down, I can still get in through 3389 if I connect to my VPN.

 

The worked perfectly on my last TP-Link load balance router (TL-R470T+), but just does not work on the TL-ER5120. It doesn't matter what the access control rule is set to... if the NAT rule is enabled, the port is open to any outside IP address.

 

I'm 99.9999% certain I'm not doing this wrong. It's pretty cut and dry. Hopefully I'm wrong.

0
0
#1
Options
2 Replies
Re:TL-ER5120 Access Control not working
2020-06-24 03:55:12

@Cabuzzi 

 

What access control rule did you set?

Generally need to set one rule for allow your specific IP address then set another rule to deny all IP address.

0
0
#2
Options
Re:TL-ER5120 Access Control not working
2020-06-24 17:43:01

@Andone I described the NAT and access rules above, but here they are again:

- NAT rule for RDP from WAN to my office work PC at home

- Access control entry to allow RDP from a particular IP (my Whatbox seedbox, since it's also my VPN provider) to my office work PC at home

- Access control entry to block RDP from IP group any

 

With this setup, I can get through to the office PC via NAT/port forwarding from my seedbox (again, which serves as my VPN). The access control rules do not seem to work, though. The first rule should allow the connection shown below (3rd image, in putty window), but block external connections from other external IPs (4th picture, Powershell window).

 

0
0
#3
Options