Firewall not working correctly


#1

I am using a 320 with two ISPs and several static IP addresses using firmware 5.3.12. I am using 1 to 1 NAT to map public IP addresses to private IP addresses, which is working fine. However, the firewall rules are leaving ports open even when they are denied. Here is an example:

NAT Config: Outside/Inside
99.55.12.14/192.168.1.100

Firewall Config: source/port destination/port
any/any 192.168.1.100/25 (allow)
any/any 192.168.1.100/110 (allow)
any/any any/any (deny)

When you run a port scanner from the outside on IP 99.5.12.14, ports 21, 389, 445 also show as open. I thought I only have 25 and 110 open, so why is there a response on the other ports?

What am I missing…

Michael


#2

We will need to take a closer look at your config and logs.

Please obtain a diagnostic report (instructions at http://www.peplink.com/index.php?view=faq&id=31) and send it to us via our support queue at http://www.peplink.com/contact/support/


#3

I would assume you put all the rules in the “Inbound Firewall Rules” section with a default deny all rule. To open ports you should add a rule there and select the appropriate WAN, set source/destination IP to any/any, and select the port you want to open. Hope this helps.