Correct NAT and Firewall settings on ER605
I've checked the posts in this Community, but somehow the question hasn't been fully answered. I'd like to refresh the thread.
Question is: How to correctly configure NAT and Firewall settings on the router to allow port forwarding from WAN to LAN to one particular host:port, and block any other traffic WAN->LAN other than RELATED?
In particular:
1) Is setting Virtual Server for this one particular host:port enough as it has been mentioned many times that "this router is a NAT device, by default it can not actively access the LAN from the WAN side as long as you have not set advanced settings such as port forwarding."?
2) Do I need additionally explicitely allow traffic from WAN to LAN (host:port) in the ACL Firewall rules? How to set it correctly?
3) Do I need additionally the rule to reject all other traffic as the last ACL Firewall rule?
Thanks!