03-26-2019 09:00 AM
We have configured firewall rules to block "All Traffic (UDP and TCP)" from specific IP address ranges. These rules are not blocking incoming connections to ports 500 and 4500 for these address ranges. How do we block these ports when they should already be blocked by the "All Traffic" rule?
03-26-2019 09:17 AM
Without seeing your rule base, we cannot assume why it was not blocked.
You need to provide the rule base and what order the rules are in.
03-28-2019 09:56 AM
How do I export or provide the rule base?
If I set up this rule, and place it at priority 1, then how is any connection accepted from this IP range?
DENY
All connections (TCP and UDP) range 1-65535
Source Interface: ANY
Source - Range - 222.184.0.0 ~ 222.191.255.255
Destination IP: ANY
Scheduling: Always
In the logs you will later see, for example, several BLOCKed connections from addresses in this range at various destination ports, but will consistently see ALLOW connections to ports 500 (UDP) and 4500 (UDP) from addresses in this source range (such as 222.184.115.203).
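A way to check the observation above against exported logs, as an added example that is not part of the original post or any router tooling: it collapses the rule's source range to CIDR and counts ALLOW entries from inside it per destination port. The log line format and every sample line are constructed assumptions, not the RV320's real log layout, and `deny_range_cidrs` and `allowed_from_denied` are hypothetical helper names.

```python
import ipaddress
import re
from collections import Counter

# Deny range exactly as written in the rule quoted above.
RANGE_START = ipaddress.ip_address("222.184.0.0")
RANGE_END = ipaddress.ip_address("222.191.255.255")

# Assumed (constructed) log format, not the router's real one:
#   <ACTION> <PROTO> <src_ip>:<src_port> -> <dst_ip>:<dst_port>
LINE_RE = re.compile(
    r"^(ALLOW|BLOCK)\s+(TCP|UDP)\s+(\d+\.\d+\.\d+\.\d+):\d+\s+->\s+"
    r"\d+\.\d+\.\d+\.\d+:(\d+)$"
)

def deny_range_cidrs():
    """Collapse the start~end range into CIDR blocks for cross-checking rules."""
    nets = ipaddress.summarize_address_range(RANGE_START, RANGE_END)
    return [str(n) for n in nets]

def allowed_from_denied(lines):
    """Count ALLOW entries sourced inside the deny range, per (proto, dport)."""
    hits = Counter()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # line does not fit the assumed format
        action, proto, src, dport = m.groups()
        try:
            addr = ipaddress.ip_address(src)
        except ValueError:
            continue  # e.g. an octet above 255
        if action == "ALLOW" and RANGE_START <= addr <= RANGE_END:
            hits[(proto, int(dport))] += 1
    return dict(hits)

# Constructed sample lines; 203.0.113.10 stands in for the router's WAN address.
SAMPLE_LOG = [
    "BLOCK TCP 222.184.115.203:40112 -> 203.0.113.10:23",
    "ALLOW UDP 222.184.115.203:500 -> 203.0.113.10:500",
    "ALLOW UDP 222.186.20.7:4500 -> 203.0.113.10:4500",
    "ALLOW UDP 198.51.100.25:500 -> 203.0.113.10:500",   # outside the range
    "BLOCK TCP 222.191.255.255:5555 -> 203.0.113.10:3389",
    "ALLOW UDP 222.184.115.203:500 -> 203.0.113.10:500",
]

if __name__ == "__main__":
    print("deny range as CIDR:", deny_range_cidrs())
    for (proto, port), n in sorted(allowed_from_denied(SAMPLE_LOG).items()):
        print(f"ALLOW from denied range: {proto}/{port} x{n}")
```
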
03-28-2019 01:40 PM
222.184.115.203: what is this IP? Is this your WAN-side IP address?
Do you have IPSEC VPN enabled on the RV320? Ports 500 (UDP) and 4500 (UDP) are allowed if you enabled IPSEC VPN.
04-03-2019 03:34 PM
The example IP address shown is in a block of IP addresses from China which are attacking/probing our routers from the WAN side (hundreds of entries in the router logs probing various common listening ports).
Yes, we have IPSEC configured (router as a local IPSEC server, not pass-through); but I still cannot understand why a connection from a blocked IP range is allowed on ANY ports including the IPSEC and IPSEC-NAT ports?!
04-03-2019 04:34 PM
I suggest enabling the DoS attack protection feature that comes with the kit.
Any interface/IP facing the public side will have some attacks take place. Even if you fully block, the port scans from attackers will always be there.
That is the reason we need a strong FW to block our internal LAN from these kinds of attacks.