TP Router wvr450g access control settings First step, add address group
For example, an enterprise using a corporate router, need to achieve market access to the Internet unrestricted, research and development department can only send and receive mail, other departments can only browse the Web page. According to the requirements, develop the following configuration table
Note that the above parameters are for reference only, specific to the actual application prevail.
Add the user groups in the marketing, research, and other departments, and the subsequent control rules are for access control for these groups.
TP Router wvr450g access Control settings Step two, set access policy rules
1, set the rules of the marketing department
Login to the router's management interface, click Firewall >> Access Policy, add policy rules to allow the marketing department to access all network applications, as shown in the following figure
2, set up research and development Department rules
Only allow the research and development department to send and receive mail (that is, open smtp25,pop3:110,dns53) port, add rules as follows
Collect message rules Add an access rule that allows POP3 (port 110):
Send Message rule Add Add access rules that allow SMTP (port 25)
Add a DNS rule to add an access rule that allows DNS (port 53)
Note that the DNS service is required by all departments, so the source address and destination address range Select any;
3, add other department rules
Employees in other departments only allow browsing of web pages, that is, only open HTTP (80 ports), add the following rules
Note DNS rules have been added in 2, and you do not need to add them again.
4, the default rule add
Because the access policy rule defaults to allow, you need to add a rule that prohibits all access to achieve the requirement, as follows
After the addition is complete, the general rules are as follows
At this point, the access policy rule is set to complete, and all computers in the local area network will have access rights to the appropriate department.