
RV260 firewall: Block outgoing SMTP and log it + open up for outgoing IRC connection

Boegh
Level 1

I have just purchased a Cisco RV260 with the intent of beefing up security on our home network a bit, from the default router (now in bridge mode) provided by our ISP.

I have run into the following issue with the firewall settings though. My rule set is very basic and the configuration of the Cisco-device is mostly default (I am syslogging to a Linux-box on my VLAN which works flawlessly but that's it). These are my rules:

[Screenshot of the access rules: Capture.PNG]

My problems:

  1. While rule no. 1 does indeed block outgoing SMTP-attempts (port 25/tcp as default set in the 'Service Management') it does not log it. Logging is set to 'Always' in the settings. Is there anything else that needs to be done?
  2. Rule no. 2 does not seem to have any impact of allowing clients on the VLAN (I only have the one) to connect to IRC-servers (port 6667/tcp). IRC is fairly straightforward and I can't even do a simple connection. The service is one I have made, stating ports 6667-7000/tcp. Shouldn't this be sufficient to allow clients to connect to outside IRC-servers?
    I am also not able to make whois lookups through it, which I suspect is due to the same issue.

Firmware version should be the latest: 1.0.01.02.
I am using the Cisco-device to provide NAT to one single VLAN, which allows Inter-VLAN Routing and Device Management.

 

1 Reply

nagrajk1969
Spotlight

Hi

For solving this issue with IRC,

Step-1:

a) you should first delete the access-rule for IRC that you have added

b) You don't require an access rule to permit IRC... and in this case it's not working even with permit, not because of the firewall in the overall sense... BUT it's not working for you because of how an IRC connection works...

- for every IRC-client connection to the remote IRC-server on any TCP-ports 6660-7000 range, the remote server will initiate a TCP connection on port 113 back to the client

- so here you will need a Port-Triggering rule instead of an Access-Rule

Step-2:

Assuming that you have already created 2 service records as below:

name: IRCOutbound

Proto: TCP; Start-port: 6660; End-Port: 7000

And

name: IRCInbound

Proto: TCP; Start-port: 113; End-Port: 113

a) After deleting the access-rule above and applying, go to the Port-Triggering page under Firewall and add an entry as below:

ApplicationName: MyIRC1

Trigger_Service: IRCOutbound

Incoming Service: IRCInbound

Interface: WAN

That's all, apply and then save.

Now connect from the IRC-client behind the RV260, this should work...

 

Br
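
The port-triggering behaviour the reply above relies on, as an added example that is not part of the original thread and not Cisco's implementation: a simplified model in which an outbound connection to the IRCOutbound range temporarily opens IRCInbound (TCP 113) toward the LAN host that made it. The timeout value, the LAN address and the class name are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Service records as given in the reply above.
IRC_OUTBOUND = range(6660, 7001)   # trigger service: TCP 6660-7000
IRC_INBOUND = range(113, 114)      # incoming service: TCP 113
TRIGGER_TTL = 600                  # seconds; assumed value, not taken from the RV260


@dataclass
class PortTrigger:
    """Simplified model of one port-triggering entry on a NAT router."""
    trigger: range
    incoming: range
    ttl: int = TRIGGER_TTL
    host: Optional[str] = None     # LAN host that last matched the trigger
    expires: float = 0.0           # time at which the inbound opening closes

    def outbound(self, lan_host: str, dst_port: int, now: float) -> None:
        """LAN -> WAN TCP connection: arm the trigger if dst_port matches."""
        if dst_port in self.trigger:
            self.host, self.expires = lan_host, now + self.ttl

    def inbound(self, dst_port: int, now: float) -> Optional[str]:
        """WAN -> router TCP connection: LAN host to forward to, or None to drop."""
        if dst_port in self.incoming and self.host and now < self.expires:
            return self.host
        return None


def demo() -> list:
    """Walk through the sequence from the reply with constructed sample traffic."""
    t = PortTrigger(IRC_OUTBOUND, IRC_INBOUND)
    results = [t.inbound(113, now=0)]              # no IRC session yet: dropped
    t.outbound("192.168.1.50", 6667, now=10)       # client connects to an IRC server
    results.append(t.inbound(113, now=11))         # callback on 113: forwarded
    results.append(t.inbound(22, now=11))          # any other port stays closed
    results.append(t.inbound(113, now=10 + TRIGGER_TTL))  # opening has expired
    return results


if __name__ == "__main__":
    print(demo())
```

In this model port 113 is reachable from the WAN only while a triggering connection is recent, and only toward the host that made it, which is the difference from a static port forward.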