I’ve got a Flint-2 GL-MT6000 router with a public external IP. I would like to enable incoming SSH traffic to a device on the local network. The device obviously has a fixed IP address, that it gets via the routers DHCP server.
As I only want to connect to this service from two specific public IP adresses, I’d like to create a firewall rule to do so. How can I achieve this?
Have you looked at the luci network->firewall menu. I think you can add a traffic rule to allow SSH from source IP address into WAN destination input (might require 2 rules, one for each source?) and then add a port forward rule to the destination IP. Is that what you are looking for?
I’ll look into that.
I think I got it by editing the managed port-forward rule to match a single subnet, and add a secong port forward rule for the other subnet that I want to allow incoming data from.
Glad you got it working
