Possible bug in Inbound Firewall rules


#1

I have a machine listening on a port. I forwarded the port from the router to machine and I can connect to it successfully from outside networks but this is only when the Inbound policy is set to Allow.

I then changed the default inbound policy to Deny and added an exception as shown but now I can no longer connect to the service from outside. It seems that it’s only applying the default rule and ignoring all the exceptions added.

Model: Peplink Balance 30
Firmware: 5.4.6 build 1585


#2

You should configure the inbound port forwarding in “Inbound Access”

Please refer the following article for details


#3

I have that configured already but the firewall is blocking it. If I set the default policy to “Allow”, it works. If I set it to “Deny” and add an exception, the exception is ignored.


#4

I cannot reproduce this on my Balance. Does it work with another port say TCP 2111?


#5

Can you please try it again with the port mapping option instead of single port? I think that’s where the problem is.


#6

When I try it with “Single Port”, then the inbound firewall rules are working.
When I try it with “Port Mapping”, then the inbound firewall exception rules are ignored and only the default rule is applied.


#7

Ahhh let us give that a shot. Stay tuned.


#8

I think I spotted something here. It is not about the port mapping, it is about the firewall policy. The port mapping will take place before the firewall policy. Thus you should allow TCP port 22 instead of port 2111. Please see our lab test screenshots attached. Please give it a try and let us know if problem still persist.



#9

Yes, it works now. Thanks.


#10

Glad that it works now. Cheers.