The Graveyard - Products No Longer Supported > COVR-3902-US

Beefing up Wireless security

<< < (2/6) > >>

FurryNutz:
Thats because your blocking the entire internet range with in .1 thru .255. You can't do that.

I believe that that filter is meant for a specific IP address from the WAN to block so if you have a WAN IP address thats trying gain access to something on the LAN side, you would just use that one IP address that is attempting to gain access. Don't use the full IP address range or you block the entire internet.



--- Quote from: 02ebz06 on September 14, 2017, 09:11:58 AM ---Dang, just lost everything I was adding.
I was playing with a IPV4 firewall, but lost outgoing connection when I saved the rule, and everything I had typed in.

Yes, want to block WAN to LAN access.

For the rule, I selected this -->  "Turn IPV4 Filtering ON and DENY rules listed"
The manual isn't 100% clear at to what this means (at least to me).
From the manual: "To begin, use the drop-down menu to select whether you want to ALLOW or DENY the rules you create"
Denying the Rule seems a strange way to word it, so I assume that it means it will deny the access listed in the rule.

Had an issue with setting a WAN rule range.
Can't use 0.0.0.0-255.255.255.255
Lowest you can set is 1.0.0.0  and  highest is 223.255.255.255

So I created this rule"

"Turn IPV4 Filtering ON and DENY rules listed"
Name:         Block WAN Access
Source:       WAN   1.0.0.0-223.255.255.255
Destination:  LAN  192.168.0.0-192.168.255.255
Port Range:   Any
Schedule:     Always Enable


So once I Saved it, I lost outbound network connection.
Obviously that was not what I wanted to happen.

--- End quote ---

02ebz06:
I guess I misunderstood it's function then.
I though it would block any outside IP from trying to access my network.
Don't understand why it blocked outgoing traffic.
So you are saying I need to allow unsolicited WAN devices to access my network?

So no way to block unknown unauthorized IP's from accessing my network?
 

FurryNutz:
I believe thats whats it's for, WAN Side.

You would have to figure out what WAN side IP address are attempting to gain access to block. I believe also that this is a pin hole kind of process as well so if you do want WAN side addresses to have access to the LAN side sources, this is used in this regard, like if you have a server on the LAN side which you want remote WAN side users to have access, then you would allow access from there specific IP addresses thru the firewall.

02ebz06:
No user community, just me and my local servers for my use only, and other LAN connected devices.

Any idea why it blocked outgoing connections?

FurryNutz:
Your range was all inclusive in the configuration so everything got blocked.  ::)



Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version