Netgear R6400v2 firewall query

KevinC123
Aspirant

Netgear R6400v2 firewall query

When I scan two specific ports from outside my home they show as blocked.

 

nmap -Pn -T4 -p 25,9000 "IP address"

Starting Nmap 6.40 ( http://nmap.org ) at 2022-01-03 16:54 UTC
Nmap scan report for machine.name.com (IP address)
Host is up.
PORT STATE SERVICE
25/tcp filtered smtp
9000/tcp filtered cslistener

Nmap done: 1 IP address (1 host up) scanned in 2.14 seconds


I've left out the actual machine name and IP address above, for maybe obvious reasons.

 

I looked through all of the settings on the admin pages via 192.168.1.1 and found a couple things that look like they might be able to open or block ports. Here are my settings for those things.

 

In the section Advanced > Setup > WAN Setup

  • Disable Port Scan and DoS Protection, box checked to disable protection against port scans, i.e. enables port scans.
  • Respond to Ping on Internet Port, box checked to respond to ping. This works. Pings are answered.

In the section Advanced > Security > Access Control

  • Turn on Access Control, box checked. As I understand it, this protects the LAN, 196.168.1.0/255.255.255.0 in my case. I ran a port scan with the box checked and unchecked and got the same results for each test.

 

In the section Advanced > Security > Block Sites

  • Keyword Blocking is set to "Never"
  • Nothing is blocked


In the section Advanced > Security > Block Sites

  • Services Blocking is set to "Never"
  • Nothing is blocked


In the section Advanced > Security > Parental Controls

  • This section is greyed out. I think this means it's inactive, right?


In the section Advanced > Security > Schedule

  • Days to Block has "Every Day" checked. I think this means that the above settings apply every day, and if those settings disable blocking, then every day remains unblocked, right?


In the section Advanced > Security > E-mail

  • Turn E-mail notification on, I just now checked the box and filled in the fields. I think this means that I'll get notified if traffic gets blocked by the router, right?

 

In the section Advanced > Administration > Logs

  • I see logged information since the previous boot. I rescanned the ports, as shown at the top of this message. They're still blocked, and nothing showed up in the logs after I refreshed the log display. I think this means that the blocked traffic never reached this router, right?

 

In the section Advanced > Administration > Advanced Setup > Port Forwarding / Port Triggering

  • External port 25 routes to internal port 25 on local machine 192.168.1.10
  • External port 9000 routes to internal port 9000 on local machine 192.168.1.11


In the section Advanced > Administration > Advanced Setup

  • Dynamic DNS is disabled
  • VPN Service is disabled
  • No Static Routes are specified
  • Web Services Management has nothing checked
  • UPnP is turned on and the defaults are specified
  • IPv6 is disabled
  • Traffic Meter is disabled
  • USB Settings is set to enable USB devices plugged into the router's USB port.
  • VLAN / Bridge is unchecked, i.e. disabled.

 

What do you think, is anything in my setup preventing traffic on ports 25 and 9000 from getting through my router? What else might I do to debug this, or to gather information to present to my internet provider to convince them to look at their settings for my service?

 

Thanks much!

Model: R6400|AC1750 Smart WiFi Router
Message 1 of 3

Accepted Solutions
KevinC123
Aspirant

Re: Netgear R6400v2 firewall query

I managed to get port forwarding working.

Part of the problem was that TCP Wrappers (aka tcpd) was blocking one port that was making it through the Netgear router. That's solved now.

But, Comcast blocks the old SMTP email port 25, so that data never reaches the Netgear router. Here's what they say about that https://www.xfinity.com/support/articles/email-port-25-no-longer-supported   I tend to agree with them, but it sure is inconvenient. That's the price I pay for security.

Model: R6400|AC1750 Smart WiFi Router
Message 3 of 3

All Replies
DexterJB
NETGEAR Moderator

Re: Netgear R6400v2 firewall query

Hi @KevinC123, we'd like to know the following:

 

 

1. What firmware version is the R6400v2?

2. Have you tried port forwarding for the said ports?

3. Do you have UPnP enabled or disabled?

 

Dexter

Message 2 of 3