The office installed some LAN servers for internal access. And want to block outside access to the servers.
1. a UTT Business Router (hereinafter shorted as “the Router"), such as UTT router N518W, AC750W, AC750GW, AC1220GW, ER518, ER840G, ER528GP, ER2620G and ER4240G. Firmware Version: 3.0.0 or above
2. a PC/laptop connected to the Router, either through its LAN port or wireless network
1. Launch an Internet browser from the PC/laptop and enter 192.168.1.1 in the address bar. Enter the Router username and password when prompted (default username: admin, default password: admin).
2. Go to Firewall > Access Control, enable Access Control switch, make it in blue(working status)
3. Click Add button add a new ACL rule, this rule is to only allow internal LAN users (192.168.1.x) to ping the server.
Applicable users should be set to IP address and started from 192.168.1.1 to 192.168.1.254.
The destination address should be set to IP address, and start from 192.168.1.150 to 192.168.1.250(your servers addresses)
4. Then click Add button to add another ACL rule. choose protocol as ICMP, action should be set to deny, destination as 192.168.1.150 to 192.168.1.250(same as the 1st ACL rule)
Click save to finish the ACL settings.
The router will automatically abandon the ICMP packets whose destination is 192.168.1.150 to 192.168.1.250.
You can try to ping the address to confirm if the ACL is working or not.
Shown as below, when this deny ACL is enabled, it will block the outside ping request to 192.168.1.250.