Reply

AC750 D6000 Inbound firewall rule

NoWone
Luminary

AC750 D6000 Inbound firewall rule

Hello,

I recently purchased an AC750 Wifi DSL modem router (I "upgraded" from a DGN2200) and I cannot find a way to set up an inbound firewall rule. In the old interface it was under port forwarding, in the new one ("Genie") it seems to be absent. I cannot believe such a basic function is missing.

 

Is there a way to set up a straight firewall rule with the D6000 or I'll have to go back to my old router (or a competitor's product).

 

Thanks for the attention.

Fabio.

 

Message 1 of 7

Accepted Solutions
TheEther
Guru

Re: AC750 D6000 Inbound firewall rule

Judging from the D6000 User Manual, I'd say it's not possible to restrict port forwarding by incoming IP address.  But given the relative ease of spoofing IP addresses by a competent hacker, I'd say that it's not a important feature to have.  If your LAN server has an internal firewall, you could install a filter there to restrict by incoming IP address.

View solution in original post

Message 4 of 7

All Replies
Babylon5
NETGEAR Employee Retired

Re: AC750 D6000 Inbound firewall rule

I looked at the DGN2200 manual, and couldn’t see anything relating to incoming traffic other than Port Forwarding rules, and Port Triggering. I didn’t see anything described as an ‘Inbound Firewall Rule’, could you please describe what kind of rule you previously set up with the DGN2200?

____________________________
Working on behalf of Netgear
My name is Andy
Message 2 of 7
NoWone
Luminary

Re: AC750 D6000 Inbound firewall rule

Thanks for the quick reply, Andy.

 

I was talking about port forwarding. If IE I want a port to be accessible from one IP only, I could do that with the old router. Check the following screenshots:

 

router_firewall1.png

 

When adding a rule:

 

router_firewall2.png

 

 

these features are not present in the new interface, and the new router is a considerably more expensive one. I work in IT and often work from home so for me is crucial to be able to block traffic towards certain hosts/ports.

 

I'm sorry for don't being clear the first time, thanks again for your time.

 

Fabio.

 

 

 

Message 3 of 7
TheEther
Guru

Re: AC750 D6000 Inbound firewall rule

Judging from the D6000 User Manual, I'd say it's not possible to restrict port forwarding by incoming IP address.  But given the relative ease of spoofing IP addresses by a competent hacker, I'd say that it's not a important feature to have.  If your LAN server has an internal firewall, you could install a filter there to restrict by incoming IP address.

Message 4 of 7
Babylon5
NETGEAR Employee Retired

Re: AC750 D6000 Inbound firewall rule

OK NoWone, thanks for clearing that up. I think you and TheEther are correct in saying that the facility you want is not available in the D6000, and I suspect this is because the DGN2200 is also a VPN capable router which requires increased functionality for dealing with incoming data. Unfortunately I don’t think the functionality you would want is likely to be added to the D6000.

____________________________
Working on behalf of Netgear
My name is Andy
Message 5 of 7
NoWone
Luminary

Re: AC750 D6000 Inbound firewall rule


@TheEther wrote:

Judging from the D6000 User Manual, I'd say it's not possible to restrict port forwarding by incoming IP address.  But given the relative ease of spoofing IP addresses by a competent hacker, I'd say that it's not a important feature to have.  If your LAN server has an internal firewall, you could install a filter there to restrict by incoming IP address.



Yes if I keep the router I'll have to do that and apply a filter on servers. They're linux machines so I can configure iptables. Thanks for the tip.

 

Fabio.

 

Message 6 of 7
NoWone
Luminary

Re: AC750 D6000 Inbound firewall rule


@Babylon5 wrote:

OK NoWone, thanks for clearing that up. I think you and TheEther are correct in saying that the facility you want is not available in the D6000, and I suspect this is because the DGN2200 is also a VPN capable router which requires increased functionality for dealing with incoming data. Unfortunately I don’t think the functionality you would want is likely to be added to the D6000.


 

Thanks for your help. I'll decide what to do with the new router.

 

Fabio.

Message 7 of 7
Top Contributors
Discussion stats
  • 6 replies
  • 5437 views
  • 2 kudos
  • 3 in conversation
Announcements

Orbi WiFi 6E