Highlighted
by philly1 Investigator
Investigator

Restrict port forwarding for specific source IP address/range

Hi, 

 

I've turned on port forwarding for remote desktop client, however, I don't want to open up the port for the entire internet! I only want to allow my work's IP address.  This was possible on my SkyHub router by specifying the source IP address range, however I cant see this option anywhere in the port forwarding or firewall sections on the EE Brightbox?

 

Thanks, 

 

Phil 

1 SOLUTION

Accepted Solutions
by Grand Master
Grand Master
Solution

Re: Restrict port forwarding for specific source IP address/range

Can't be done! Doesn't a RDC into your home PC require a login that only you know?

__________________________________________________________________________________________
If you think I helped please feel free to hit the "Star" button below.
To phone EE: The local rate landline number 0207 362 0200 or Freephone 0800 079 8586 - Option 1 for Mobiles; Option 2 for 4G WiFi; Option 3 for Home Broadband & EE TV.

ISPs: 1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 20 Meg WBC = 2014: EE 20 Meg WBC
7 REPLIES
by Grand Master
Grand Master

Re: Restrict port forwarding for specific source IP address/range

You can't restrict who can see your open ports but I wonder if you need any. Who initiates a remote desktop session? 

__________________________________________________________________________________________
If you think I helped please feel free to hit the "Star" button below.
To phone EE: The local rate landline number 0207 362 0200 or Freephone 0800 079 8586 - Option 1 for Mobiles; Option 2 for 4G WiFi; Option 3 for Home Broadband & EE TV.

ISPs: 1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 20 Meg WBC = 2014: EE 20 Meg WBC
by philly1 Investigator
Investigator

Re: Restrict port forwarding for specific source IP address/range

Hi Xrayspex, 

 

I would be using it to remote desktop into my home PC from my work PC, hence I only need to open up a port to a single IP address (my work IP address).  I don't want to open up the port to everyone for obvious security reasons. 

 

Phil 

by Grand Master
Grand Master
Solution

Re: Restrict port forwarding for specific source IP address/range

Can't be done! Doesn't a RDC into your home PC require a login that only you know?

__________________________________________________________________________________________
If you think I helped please feel free to hit the "Star" button below.
To phone EE: The local rate landline number 0207 362 0200 or Freephone 0800 079 8586 - Option 1 for Mobiles; Option 2 for 4G WiFi; Option 3 for Home Broadband & EE TV.

ISPs: 1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 20 Meg WBC = 2014: EE 20 Meg WBC
by philly1 Investigator
Investigator

Re: Restrict port forwarding for specific source IP address/range

That sucks. Restricting port access is quite a fundamental security requirment and is possible on most routers - including my 3 year old sky hub! Wish I'd known this before I switched :-(  yes login is restricted to a username and password on the pc, but I would rather the peace of mind knowing only my work ip address can get that far

by Grand Master
Grand Master

Re: Restrict port forwarding for specific source IP address/range

Then I suggest that you buy your own router. You can't expect ISP routers to have all the bells and whistles.nor to be all the same. The Brightbox has greater functionality than many 

__________________________________________________________________________________________
If you think I helped please feel free to hit the "Star" button below.
To phone EE: The local rate landline number 0207 362 0200 or Freephone 0800 079 8586 - Option 1 for Mobiles; Option 2 for 4G WiFi; Option 3 for Home Broadband & EE TV.

ISPs: 1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 20 Meg WBC = 2014: EE 20 Meg WBC
by philly1 Investigator
Investigator

Re: Restrict port forwarding for specific source IP address/range

It's hardly a bell and whistle, as I said, more of a fundamental security feature that's included on most routers. If it allows you to open up a port to the whole internet, should at least allow you to lock it down a bit. Just seems a bit lazy to me - they knew port forwarding is a must for a lot of people so had to include it, but then couldn't be bothered to do that bit extra to allow you to secure it a bit.

by Grand Master
Grand Master

Re: Restrict port forwarding for specific source IP address/range

I highly doubt your contention that's it's on "most" routers when we are talking about ISP-supplied routers.

__________________________________________________________________________________________
If you think I helped please feel free to hit the "Star" button below.
To phone EE: The local rate landline number 0207 362 0200 or Freephone 0800 079 8586 - Option 1 for Mobiles; Option 2 for 4G WiFi; Option 3 for Home Broadband & EE TV.

ISPs: 1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 20 Meg WBC = 2014: EE 20 Meg WBC
Let's get started

Join the EE Community to ask, answer, learn and share.