- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Blocking WAN -> LAN Traffic
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
According to previous posts, the NightHawk Router should already be blocking WAN -> LAN access but it isn't. I have a IP SIP phone on my internal network that is constantly getting hit with request on port 5060 causing it to ring. I have disabled UPnP and don't have DMZ or port forwarding active yet I am still getting access thru to my phone.
Any Ideas or assitance to help block this??
Here is a snip of the log:
[LAN access from remote] from 195.154.181.160:5074 to 192.168.1.6:5060, Thursday, Jan 19,2017 09:39:40
[LAN access from remote] from 195.154.181.160:5071 to 192.168.1.6:5060, Thursday, Jan 19,2017 09:32:53
[LAN access from remote] from 195.154.181.160:5074 to 192.168.1.6:5060, Thursday, Jan 19,2017 09:26:06
[LAN access from remote] from 195.154.185.202:5070 to 192.168.1.6:5060, Thursday, Jan 19,2017 09:21:02
[LAN access from remote] from 195.154.181.160:5071 to 192.168.1.6:5060, Thursday, Jan 19,2017 09:19:10
[LAN access from remote] from 209.126.120.187:5090 to 192.168.1.6:5060, Thursday, Jan 19,2017 09:16:52
[LAN access from remote] from 195.154.181.160:5078 to 192.168.1.6:5060, Thursday, Jan 19,2017 09:12:21
[LAN access from remote] from 195.154.181.160:5074 to 192.168.1.6:5060, Thursday, Jan 19,2017 09:05:31
[LAN access from remote] from 195.154.181.160:5070 to 192.168.1.6:5060, Thursday, Jan 19,2017 08:58:35
[LAN access from remote] from 195.154.181.160:5076 to 192.168.1.6:5060, Thursday, Jan 19,2017 08:51:45
[LAN access from remote] from 209.126.120.203:5224 to 192.168.1.6:5060, Thursday, Jan 19,2017 08:47:52
[LAN access from remote] from 195.154.181.160:5078 to 192.168.1.6:5060, Thursday, Jan 19,2017 08:44:53
[LAN access from remote] from 195.154.181.160:5070 to 192.168.1.6:5060, Thursday, Jan 19,2017 08:38:01
[LAN access from remote] from 195.154.181.160:5076 to 192.168.1.6:5060, Thursday, Jan 19,2017 08:31:16
[LAN access from remote] from 195.154.181.160:5071 to 192.168.1.6:5060, Thursday, Jan 19,2017 08:24:35
[LAN access from remote] from 195.154.181.160:5082 to 192.168.1.6:5060, Thursday, Jan 19,2017 08:17:41
Any Help would be great
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi rhazelwood2015,
1. What is the model number of your router?
2. What is the firmware version? Make sure it is updated.
3. Reset the router after the update and reconfigure(If firmware is not updated).
4. Block port 5060 under block services.
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi rhazelwood2015,
1. What is the model number of your router?
2. What is the firmware version? Make sure it is updated.
3. Reset the router after the update and reconfigure(If firmware is not updated).
4. Block port 5060 under block services.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Blocking WAN -> LAN Traffic
Hi rhazelwood2015,
We’d greatly appreciate hearing your feedback letting us know if you need further assistance.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Blocking WAN -> LAN Traffic
Sorry for the late reply, I just began ignoring the issue but at this point starting today I have someone consistentely slamming my phone. I almost want to throw my router out the window....There is NO REASON why outside access should be getting to my internal IP
I have the lastest firmware installed.
My router is the Nighthawk R7000
And I cannot block port 5060 because that is the port that is required for SIP. It disables my phone from working period.
[LAN access from remote] from 80.82.77.5:22140 to 192.168.1.6:5060, Friday, Feb 24,2017 09:02:37
[LAN access from remote] from 62.210.250.141:44347 to 192.168.1.6:5060, Friday, Feb 24,2017 08:57:47
Any help will be great
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Blocking WAN -> LAN Traffic
Can't help much - just put the facts on the table again:
1. Service blocking is to prohibit connections established from the (W)LAN to the WAN. Online Genie help is very clear on this.
2. Year 2017, and there is still no UI control to configre WAN to (W)LAN firewall rules in any Netgear Genie router (!!!)
@rhazelwood2015 wrote:Sorry for the late reply, I just began ignoring the issue but at this point starting today I have someone consistentely slamming my phone. I almost want to throw my router out the window....There is NO REASON why outside access should be getting to my internal IP
When it comes to SIP, arfaid, you might be wrong. Unless you dont wan't to be called (plus some more...), fully blocking the SIP port for WAN->LAN is not a choice. Assuming all your VoIP traffic is handeld by a single or larger scale IPPBX resp. it's gateway(s), and no direct peer-to-peer calls are allowed, you could limit the WAN->LAN for the SIP port(s) to the known IPPBX/IPPBX gateway IP addresses. But now you - no, many of us - are hit by the #2 above.
@JamesGL I'm glad to offer basic networking training to Netgear - there are a lot of processes and almost 20+ year router specs carried forward to be changed for the 21st Century.
Regards,
-Kurt
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more