IC2 Inbound Firewall Rule Set for B-One-5G failure to open port

From the B-One-5G device GUI I configured the port forwarding service protocol TCP port xxxx to a computer 192.168.x.x from any WAN connection.
From IC2 Firewall Rule Set configured to apply to the B-One-5G I created an Inbound Firewall Rule Source Any - port xxxx Destination 192.168.x.x - port xxxx
The port is not opened as configured above.
Change Inbound Firewall Rule to Source Any - Any
The port is now open.
Why does it work this way? Why should I be accepting from Any source Any port?
BTW it works the same if you configure the Rule on the device GUI as well.

Hi…

This is the way that rules work…
Watchguard, Checkpoint, ipchains, iptables.

"Inside" of the device you have

  • a table for forward rules
  • a table for input rules

Correct.

Correction… Your source port, must be ANY. (updating)

Correct

Any operating system has a

  • UDP/TCP source port, and this can be randomly chosen by the OS.
    Because of this… the source port should always be Any.
    Only a few applications use a fixed source port.

Sample of correct tcp inbound firewall rule

Screenshot 2025-02-13 at 14.50.01

Source any address… You don’t know from where a connection is originated.
Source any port… as I wrote before… random port

" Client or ephemeral port numbers are randomly allocated from a bank of numbers on the client device. "

2 Likes
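The behaviour described in the reply above, as an added example that is not part of the original posts: it opens several real TCP connections to a loopback listener, records the source port the OS picked for each, and checks them against a rule with the source port pinned to the service port versus a rule with source port Any. The loopback address stands in for the 192.168.x.x host, and the rule model (`rule_matches`, `None` meaning Any) is hypothetical, not the IC2 or device rule engine.

```python
import socket

def observe_source_ports(n=5):
    """Connect n clients to a loopback listener; return (service_port, source_ports)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # port 0: OS picks a free port for this stand-in service
    srv.listen(n)
    service_port = srv.getsockname()[1]
    pairs, source_ports = [], []
    for _ in range(n):
        client = socket.create_connection(("127.0.0.1", service_port))
        conn, (peer_ip, peer_port) = srv.accept()
        source_ports.append(peer_port)   # the port the OS chose for the client side
        pairs.append((client, conn))     # keep open so every connection is concurrent
    for client, conn in pairs:
        client.close()
        conn.close()
    srv.close()
    return service_port, source_ports

def rule_matches(rule, packet):
    """Hypothetical rule model: a field set to None means Any."""
    return all(rule[k] is None or rule[k] == packet[k] for k in rule)

def admitted(rule, service_port, source_ports):
    """Count connections the inbound rule would accept."""
    packets = [{"src_port": sp, "dst_ip": "127.0.0.1", "dst_port": service_port}
               for sp in source_ports]
    return sum(rule_matches(rule, p) for p in packets)

def compare_rules(n=5):
    service_port, source_ports = observe_source_ports(n)
    # Rule as first configured in the thread: source port pinned to the service port.
    pinned = {"src_port": service_port, "dst_ip": "127.0.0.1", "dst_port": service_port}
    # Corrected rule: source port Any, destination still restricted.
    any_src = {"src_port": None, "dst_ip": "127.0.0.1", "dst_port": service_port}
    return {"service_port": service_port, "source_ports": source_ports,
            "pinned": admitted(pinned, service_port, source_ports),
            "any_source_port": admitted(any_src, service_port, source_ports)}

if __name__ == "__main__":
    print(compare_rules())
```

The corrected rule still limits traffic to one destination address and one destination port; only the source port, which the client side does not control, is left open.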

Thank you Marcelo for your reply. When I began this post I didn’t understand how to open the port properly using the firewall rules. By the time I got to finishing the post I had been taught by the excellent support staff at West Networks. Even they were a little confused to begin with. You see the app on the phone looks for a connection using a specific port so logically I tried the front door (Source) not realizing that the Kitchen door (Destination) was what needed to be selected.
Therein lies my point. A few extra clues for us non-IT folks that truly “know enough to be dangerous” would be helpful. At least I remembered the port forwarding part of the puzzle which is not configurable from IC2. My search skills were not good enough to uncover instructions for a correct tcp inbound firewall rule.

1 Like