Not understanding why traffic still comes in

Kevin49 · August 29, 2017, 2:45pm

So someone setup a peplink with the following Inbound Firewall Rules

Rule / Protocol / WAN / Source IP Port / Destination IP Port / Policy
1 / Any / WAN1 / 10.42.0.0/16 / Any / Allow
2 / Any / WAN1 / 10.154.0.0/16 / Any / Allow
3 / Any / WAN1 / 192.168.0.0/16 / Any / Allow
Default / Any / Any / Any / Any / Block

I’m being told traffic in flowing free on WAN2, but my interpretation of the Inbound side of the rules would tell me that ALL inbound traffic, request and unrequested, would get blocked unless its on WAN1 and the source IP of the packet is from one of those 3 subnets.

Is my understanding incorrect?

I’m not seeing any rules that force all traffic over WAN1, ill periodically see outbound sessions on WAN2 but not inbound, which would make me think that browsing the internet over WAN2 is impossible because all return http packets would be blocked.

Ron_Case · August 29, 2017, 2:53pm

Inbound or outbound firewall rules control if a session can be established or not. An outbound session on WAN2 can still receive the return packets for that session.

sitloongs · August 29, 2017, 11:32pm

The inbound firewall rules only apply to the following types of traffic:

Inbound WAN 1 traffic where the WAN 1 is in drop-in mode
Inbound traffic that is defined in Inbound Services
Inbound traffic that is defined in Inbound NAT Mappings

You can defined the inbound firewall rules, not mean the traffics types is meet.