Home/Support/Support Forum/Firewall Script Help - WR31
New and improved user forum site coming soon
Welcome to Digi Forum, where you can ask questions and receive answers from other members of the community.

Firewall Script Help - WR31

0 votes
Hello all. I am new to Digi as I have typically used Cradlepoint units prior, but it looks like there are more robust features in the Digi. So please excuse my ignorance.

But here is what I am looking to do...

1.) Allow all traffic from a specific WAN IP address as is comes into the Cellular interface to be allowed.
2.) Allow all PPTP Port 1723 Traffic from any IP via the Cellular interface. (Note, I have sucessfully configured and tested the PPTP Server on the WR31 using PPP 5)
3.) Block all internet traffic requests to the internet from the PPTP Clients (range
4.) Allow PPTP Clients to access a device via port 80 at ip address
5.) Block everything else.

My issue is that I have figured out items 1 and 2.

But I have only been able to fix item 3 by forcing an invalid DNS server via the PPTP Server (i.e. so nothing will resolve. But if the user knows the IP and does not need DNS, I would assume traffic would flow out which is not good.

Also, whereas Item 1 I have working, it seems that PPTP Clients cannot connect to either my device at or the WR31 at and I cannot figure out why.

I am just looking for a little bit of firewall script help here as the syntax seems a bit cryptic to me.

Any help is apperciated.
asked Jan 22, 2016 in Digi TransPort Cellular by webbyz New to the Community (0 points)

Please log in or register to answer this question.

1 Answer

0 votes
in connection to point 3

if you want to block all traffic from

you would be better using a subnet to cover .17-31

block out break end on ppp1 from to any

as the source of the traffic would be in this subnet and this shound not pass out of the PPP interface


answered Jan 26, 2016 by James.Wilson Veteran of the Digi Community (1,227 points)