Datto Network Manager: How do I configure firewall and port forward settings on Datto Routers?

Follow

Question

How do I configure firewall and port forward settings on Datto Routers?

Environment

  • Datto Network Manager

Answer

Accessing firewall configuration options

1. In the Datto Network Manager Navigation menu, click Manage, then select Routers from the expanded options.

mceclip1.pngFigure 1: The Navigation menu (click to enlarge)

2. Click the name of the router you want to configure. 

mceclip1.pngFigure 2: The Routers page (click to enlarge)

3. Select Firewall from the expanded router options in the Navigation menu. 

mceclip2.pngFigure 3: Expanded router option (click to enlarge)

Configuring router options

Port forwards

This section lets you forward a specific port from the router's WAN interface to an IP address on your LAN. For example, you could enable outside access to an internally-hosted web server by adding a port forwarding entry with:

  • an Incoming Port and Destination Port of 80
  • the Destination IP of the server's local LAN IP address.

You can configure the following port forward options:

  • Device name: The hostname of the device requesting access
  • Incoming port: The port through which traffic from the internet will enter the router. You can also specify a range of ports (e.g., 1000-2000). Incoming ports and destination ports should be the same unless otherwise specified
  • Protocol: The transfer protocol forwarded traffic will use (TCP, UDP, or all)
  • Destination IP: The internal address of the forwarded traffic
  • Destination port: The port on the internal device through which forwarded traffic will travel
  • Add/Remove: Adds or removes a port forwarding rule

mceclip3.pngFigure 4: Port forwards (click to enlarge) 

Custom traffic policies

This feature requires D200 firmware release 1.0.7 or later.

This section lets you configure access control lists (ACLs) to allow or deny traffic movement through the router. You can use these to:

  • control where internal traffic can go.
  • use port forwarding entries to control what internal resources traffic from the internet can reach.

You can configure the following custom traffic policy options:

  • Policy name: A descriptive name letting admins know the policy's purpose
  • Action: Specify the action to take (block or allow)
  • Protocol: Specify the protocol to which the policy applies (TCP, UDP, or all)
  • Source IP: Designate an originating external IP address to which the policy will apply
  • Incoming port: Specify a port through which allowed traffic would enter the network
  • Destination IP: Specify an individual IP address or range of internal IP addresses that can receive permitted traffic
  • Destination port: Designate a port on the device through which to receive allowed traffic
  • Add/Remove: Adds or removes a custom traffic policy 

mceclip4.pngFigure 5: Custom traffic policies (click to enlarge)


Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Have a feature request?

Head on over to our Datto Community Forum or the Datto Community Online.

For more Business Management resources, see the Datto RMM Online Help and the Autotask PSA Online Help .

Still have questions? Get live help.

Datto Homepage