Configuration scheme, Configuration procedure, Configuration scheme configuration procedure – TP-Link Omada ER8411 VPN Router User Manual

Configuring Firewall

Configuration Examples

User Guide 121

3.2.2 Configuration Scheme

To meet these requirements, we can configure Access Control rules on the router to filter

the specific types of packets from R&D department: only the HTTP and HTTPs packets

are allowed to be sent to the internet, and other types of packets are not allowed. The

configuration overview is as follows:
1) Add an IP group for the R&D department in the

Preferences

module.

2) By default, the HTTP service type already exists, and you need to add HTTPs to the

Service Type list in the

Preferences

module.

3) Create two rules to allow the HTTP and HTTPs packets from the R&D department to be

sent to the WAN.

4) Since visiting the internet needs DNS service, add a rule to allow the DNS packets to be

sent to the WAN. DNS service is already in the Service Type list by default.

5) Create a rule to block all packets from the R&D department to the WAN. This rule should

have the lowest priority among all the rules.

3.2.3 Configuration Procedure

Follow the steps below to complete the configuration:
1) Choose the menu

Preferences > IP Group > IP Address

to load the configuration page,

and click

Add

. Specify a name RD, select

IP Address Range

and enter the IP address

range of the R&D department. Click

OK

.

Figure 3-2 

Configure IP Address Range

2) Choose the menu

Preferences > IP Group > IP Group

to load the configuration page,

and click

Add

. Specify a group name “RD_Dept”, select the preset address range

"

RD”

and click

OK

.