Block TCP port from WAN to LAN

Block TCP port from WAN to LAN
Block TCP port from WAN to LAN
2022-08-08 05:34:08 - last edited 2022-08-10 05:50:04
Tags: #configuration
Model: AC500  
Hardware Version: V2
Firmware Version:

Dear Support,

 

I would like to configure my Omanda SDU Cloud to block TCP/UDP ports from the internet to private lan in the office. I only found the configuration is from LAN to WAN.

How do i configure it to block internet ( WAN ) to LAN?

 

Appreiate your advise.

 

 

Thanks

 

SHRM

  0      
  0      
#1
Options
9 Reply
Re:Block TCP port from WAN to LAN
2022-08-09 08:48:57

  @SHRM-IT 

 

What is your current version of the controller?

Mine is 5.4.7, when I go to ACL, choose Direction-----WAN IN.

 

Here you can set the rule for blocking internet ( WAN ) to LAN.

 

  0  
  0  
#2
Options
Re:Block TCP port from WAN to LAN
2022-08-09 09:02:12

  @Virgo 

 

What router do you have?

 

this option is removed in site when router is adopted, I have all routers and this is the same on all of it. no direction option.

 

@Fae 

 

Is this unsupported on routers and when will routers support this function?

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  0  
  0  
#3
Options
Re:Block TCP port from WAN to LAN
2022-08-09 19:02:19

  @SHRM-IT 

 

An old trick I used is just to port forward those ports I want blocked to non-existent IP addresses.

  0  
  0  
#4
Options
Re:Block TCP port from WAN to LAN
2022-08-09 22:25:27

  @SHRM-IT Isn't all traffic from the WAN blocked to the LAN by default?  Am I misreading what you are trying to do?

  0  
  0  
#5
Options
Re:Block TCP port from WAN to LAN
2022-08-10 01:00:53

  @d0ugmac1 

 

How do you config the route of all incoming ( internet ) IP ,probing 3389 ,which are undesirable to a non-existing IP? Basically my Omanda version is 4.3.5 and I wish to block those ports from scanning our internal IP...

 

Thanks

  0  
  0  
#6
Options
Re:Block TCP port from WAN to LAN
2022-08-10 01:03:54
am sorry but I am new to this Cloud device. Basically I do not have a purview of this as there is no log to indicate any WAN address blocked at the perimeter of our router. I do not mind having WAN addresses from accessing but I need to have an overview of the TCP/UDP ports these addresses are probing our internal IP addresses.
  0  
  0  
#7
Options
Re:Block TCP port from WAN to LAN
2022-08-10 05:51:24

  @shberge 

 

I'm using ER605 V1, which for some reason is in Standalone, and as you say, I tried it, then .........the Direction option disappeared.frown

It seems that the current firmware version of the ER605 is not yet adapt with the latest version of the controller, maybe the next version will be.

  0  
  0  
#8
Options
Re:Block TCP port from WAN to LAN
2022-08-10 11:40:07

  @SHRM-IT 

 

To points made earlier, this suggestion (below) really only makes sense if you've enabled a DMZ....otherwise, those probes go nowhere anyways....

 

 

  0  
  0  
#9
Options
Re:Block TCP port from WAN to LAN
2022-08-11 01:46:50

  @d0ugmac1 

 

Thanks . this configuration seems to block ext IP from probing internal ip on port 3389. Will give it a try. Thanks again

  0  
  0  
#10
Options