Internal Network Firewall Rules

Where can I find documentation on this section?

Is a non-default configuration necessary there for a Surf SOHO to allow SAMBA file shares between two Linux clients on the same LAN trunk? If directly networked with fixed IPs through a simple switch, each has visibility to ports 139 and 445 of the other and file shares function, so I know the servers are up; when networked through the SOHO, the two clients can ping each other, but those ports are blocked.

Under the question mark:

There is no firewall in place on the SOHO for two clients on the same subnet - unless one is wireless, where wifi rules can block traffic (but not by default). You say trunk, are they in different IP ranges?

1 Like

It works as I thought it should, so thanks for the confirmation. TCP between clients was perfectly reliable on wired connections to my office SOHO, but totally unpredictable with either machine on WiFi, even though the AP firewall was disabled. It turned out to be my rather unusual setup.

I have a second SOHO wired LAN to LAN over an attic cable to provide WiFi to video streamers, guests, and a door cam on the other end of the house. Those are on VLANS with their own SSIDs and passwords. It has worked well, but I made the mistake of duplicating the trunk/office SSID on that AP in case I needed a stronger signal there.

It appears that second AP reaches the office well enough that a wireless client may connect to it. It was transparent for the normal surfing of the web, but there was potentially no route between clients. When I unplugged it, all became well, and it stayed good since disabling that duplicated SSID.

'Shoulda thought of that, but thanks for the confirmation that it had to be me.