Why Surf SOHO default firewall inbound set to allow?


#1

Hi, I did some searching around on the forum for an answer to my query, but I am not sure I am understanding. I am wondering why the default inbound rule for the Pepwave Surf SOHO is set to allow? Is it secure to leave it as allow or should I set it to deny?


#2

As with any NAT router, port forwarding or a NAT mapping is needed to establish inbound sessions. The default rule is set to allow for easy out-of-the-box deployments, but it is a good practice to configure the default inbound firewall rule to deny.


#3

Would leaving the default rule set to allow leave your network open to attack? I’m just learning about home networking and I’m interested in learning more. Can you recommend any starting reading material? Thanks!


#4

This is a badly worded or badly explained feature. Though it looks open and insecure, it is not. The default firewall state is secure, that is, it blocks everything coming in. You can test the WAN side of your router with assorted online testers listed here:

https://routersecurity.org/testrouter.php#FirewallTesters


#5

I found this post while doing some research: SOHO 3 IS NOT FULLY SECURE FROM YOUR ADSL ROUTER WITHOUT THIS CONFIG: KEEPING YOUR LAN SAFE FROM HACKERS (see answer at the bottom) :-)

I understand it as the SOHO in default allow mode blocks all inbound traffic, but if there is something on your network that needs inbound connections, it will allow it. Therefore changing the default to deny will block the device that needed the inbound connection?
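
A simplified model of the behaviour described in posts #2, #4 and #5, added here as an illustration; it is not part of the thread and not Peplink's firmware logic. The evaluation order (NAT mapping lookup first, then first-match inbound rules, then the default), the function names and the sample ports and addresses are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str      # "tcp" or "udp"
    dst_port: int   # destination port on the router's WAN address

@dataclass(frozen=True)
class Rule:
    proto: str
    dst_port: int
    action: str     # "allow" or "deny"

def inbound_verdict(pkt, port_forwards, rules, default_action):
    """Classify an unsolicited WAN packet (hypothetical model, not vendor code)."""
    # Without a port forward / NAT mapping the router has no LAN host to
    # hand the packet to, so it is dropped whatever the firewall default is.
    if (pkt.proto, pkt.dst_port) not in port_forwards:
        return "drop-no-mapping"
    # Only mapped traffic reaches the inbound rules: first match wins,
    # otherwise the default inbound action applies.
    action = default_action
    for rule in rules:
        if (rule.proto, rule.dst_port) == (pkt.proto, pkt.dst_port):
            action = rule.action
            break
    return "forward" if action == "allow" else "drop-firewall"

def demo():
    """Run constructed sample packets through each configuration."""
    probe, web = Packet("tcp", 22), Packet("tcp", 443)   # constructed samples
    fwd = {("tcp", 443): "192.168.50.10"}                # constructed mapping
    allow_web = [Rule("tcp", 443, "allow")]
    return {
        "out of the box, default allow": inbound_verdict(probe, {}, [], "allow"),
        "out of the box, default deny": inbound_verdict(probe, {}, [], "deny"),
        "forward 443, default allow": inbound_verdict(web, fwd, [], "allow"),
        "forward 443, default deny": inbound_verdict(web, fwd, [], "deny"),
        "forward 443, deny + allow rule": inbound_verdict(web, fwd, allow_web, "deny"),
        "unmapped port, deny + allow rule": inbound_verdict(probe, fwd, allow_web, "deny"),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:34s} -> {verdict}")
```

In this model the default only matters once a port forward exists: with default deny, each forwarded service also needs its own explicit allow rule.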