IC2 Inbound Firewall Rule Set for B-One-5G failure to open port

Product Discussion
, ,
1

From the B-One-5G device GUI I configured the port forwarding service protocol TCP port xxxx to a computer 192.168.x.x from any WAN connection.
From IC2 Firewall Rule Set configured to apply to the B-One-5G I created an Inbound Firewall Rule Source Any - port xxxx Destination 192.168.x.x - port xxxx
The port is not opened as configured above.
Change Inbound Firewall Rule to Source Any - Any
The port is now open.
Why does it work this way? Why should I be accepting from Any source Any port.
BTW it works the same of you configure the Rule on the device GUI as well.

2

Hi…

This is the way that rules work…
Watchguard, Checkpoint, ipchains, iptables.

" inside " of the device you have

  • a table for forward rules
  • a table for input rules

Correct.

Correction… Your source port, must be ANY. (updating)

Correct

Any Operational System, have a

  • udp / tcp port sorce and this can be randomic chosen by SO.
    Because this… the source port always should be any
    Only few applications, use a fixed source port.

Sample of correct tcp inbound firewall rule

Screenshot 2025-02-13 at 14.50.01

Source any address… You don’t know from where a connection is originated.
Source any port… was I wrote before… random port

" Client or ephemeral port numbers are randomly allocated from a bank of numbers on the client device. "

2 Likes
3

Thank you Marcelo for your reply. When I began this post I didn’t understand how to open the port properly using the firewall rules. By the time I got to finishing the post I had been taught by the excellent support staff at West Networks. Even they were a little confused to begin with. You see the app on the phone looks for a connection using a specific port so logically I tried the front door (Source) not realizing that the Kitchen door (Destination) was what needed to be selected.
Therein lies my point. A few extra clues for us non-IT folks that truly “know enough to be dangerous” would be helpful. At least I remembered the port forwarding part of the puzzle which is not configurable from IC2. My search skills were not good enough to uncover instructions for a correct tcp inbound firewall rule.

1 Like