
RV042 Port forwarding stops working when Firewall is enabled

theoribeiro
Level 1

Hey all,

I have an RV042 router on a single WAN and an internal LAN. I have configured port forwarding as follows:

HTTP[TCP/80~80]->10.0.0.6
HTTPS[TCP/443~443]->10.0.0.6
IMAP[TCP/143~143]->10.0.0.5
IMAP SSL[TCP/993~993]->10.0.0.5
SMTP SSL[TCP/587~587]->10.0.0.5

Everything works just fine when I have the firewall DISABLED. However, when I enable it the behaviour is erratic. 1 out of 10 attempts to connect to ANY port forwarded works. Almost all attempts time out.

Notice that this happens even if using only the default firewall rules (which should be bypassed by the port forwarding as I read in other posts).

My second try was to create firewall rules manually, overriding the default ones. I tried adding rules from source WAN1 (where my connection is) to ANY and to SINGLE IPs on every port. Nothing seems to work.

I don't know what I'm doing wrong, this is really bugging me. I had to turn the firewall off so we can access our servers from outside the office. This shouldn't have to be done.

Do you know anything I could try?

Best regards,

Theo

EDIT:

Just found out that my firewall is getting LOTS and LOTS of Blocked - SYN Flood entries. I think this is why we are having trouble with the firewall. Could this be the problem? I have no idea where all these SYN packets are coming from since they appear with spoofed IPs or come from different bots all over.


Tom Watts
VIP Alumni

Hi Theo, if you want to override the default state table, you need to first make firewall rules to block all access, then make your permission rules.

Such an example would be:

Action Deny
Service All
Source interface WAN
Source IP any
Destination IP any
Save

Action Permit
Service RDP
Source interface WAN
Source IP - xx.xx.xx.xx
Destination IP - xx.xx.xx.xx
Save

As for your concern about the SYN flood, it can be a likely cause of your problems. Does the logging facility of the router give any indications?

-Tom
Please mark answered for helpful posts
http://blogs.cisco.com/smallbusiness/
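
Added example (not part of either post): one way to answer the question of what the router log shows, by tallying "Blocked - SYN Flood" entries against the ports forwarded in the original post. The log line layout (SRC=/DST=/DPT= fields) and the sample lines are constructed assumptions, not the RV042's documented format; adjust the pattern to the log you actually export.

```python
import re
from collections import Counter

# TCP ports forwarded in the original post, by service name.
FORWARDED = {80: "HTTP", 443: "HTTPS", 143: "IMAP", 993: "IMAP SSL", 587: "SMTP SSL"}

# ASSUMPTION: one syslog-style line per event carrying SRC= and DPT= fields.
# Only the "Blocked - SYN Flood" text comes from the post.
LINE = re.compile(r"Blocked - SYN Flood.*?SRC=(?P<src>[\d.]+).*?DPT=(?P<dpt>\d+)")

# Constructed sample log (documentation address ranges, not real traffic).
SAMPLE_LOG = """\
Jan 10 09:00:01 Blocked - SYN Flood SRC=203.0.113.7 DST=198.51.100.2 DPT=443
Jan 10 09:00:01 Blocked - SYN Flood SRC=203.0.113.9 DST=198.51.100.2 DPT=443
Jan 10 09:00:02 Blocked - SYN Flood SRC=192.0.2.44 DST=198.51.100.2 DPT=80
Jan 10 09:00:02 Connection Accepted SRC=192.0.2.10 DST=198.51.100.2 DPT=993
Jan 10 09:00:03 Blocked - SYN Flood SRC=192.0.2.81 DST=198.51.100.2 DPT=587
Jan 10 09:00:03 Blocked - SYN Flood SRC=203.0.113.7 DST=198.51.100.2 DPT=23
"""

def triage(log_text, dominant_share=0.5):
    """Summarise SYN-flood blocks: which forwarded ports are hit, and by whom."""
    per_port, per_src = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a SYN-flood block entry
        per_port[int(m["dpt"])] += 1
        per_src[m["src"]] += 1
    total = sum(per_port.values())
    top_src, top_n = per_src.most_common(1)[0] if per_src else (None, 0)
    return {
        "total": total,
        # Blocks landing on forwarded ports are the ones that can drop
        # legitimate connection attempts to the published servers.
        "forwarded_hits": {p: n for p, n in per_port.items() if p in FORWARDED},
        "distinct_sources": len(per_src),
        "top_source": top_src,
        # True: one address sends most blocked SYNs. False: blocks are spread
        # over many addresses, the pattern described in the post's EDIT.
        "single_source_dominant": total > 0 and top_n / total >= dominant_share,
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```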