Firewall not letting some NAT ports 23 through

Desmogger · April 25, 2016, 3:01pm

#Allow outbound FTP traffic
pass out break end proto ftp from any to any port=ftpcnt flags S!A inspect-state
#Allow any other outbound traffic and the replies back in
pass out break end inspect-state
#Allow incoming IPSEC
pass break end proto 50
pass in break end proto udp from any to any port=ike
pass in break end proto udp from any to any port=4500
#Allow any traffic within an IPSEC tunnel in both directions
pass break end oneroute any
#Allow incoming SSH and SFTP
pass in break end proto tcp from any to any port=22 flags S!A inspect-state
#Allow incoming HTTPS
pass in break end proto tcp from any to any port=443 flags S!A inspect-state
#Block and log everything else including incoming telnet, http and FTP
block log break end

James.Wilson · April 26, 2016, 5:00am

Hi

Not sure what you are trying to do as the basic firewall ruleset does not allow Telnet inbound.

it should allow all traffic outbound if this is applied to PPP interface / Wan interface.

if the firewall is enabled on local lan interface nothing would work

regards

James

Desmogger · April 26, 2016, 9:20am

James,

Very Simple connecting to a BAMS 1022 PM2.5 sampler via ethernet port Usually NAT Port 4000 to internal
192.168.1.113:23

Ports 9881 & 9887 redirect to internal 192.168.1.45 (an 8832 ESC Data Logger which requires port 9881 & 9887 they seem to work.

James.Wilson · April 27, 2016, 2:35am

Hi

With out the full configuration if you are using port forwarding you need to make sure you have NAT enabled with option 2 “IP and Pot Numbers” this is needed to do port number changes.

if you have other port mapping that use the same port number in and out the default nat rul is usally just set to 1 (ip only)

for further help i would need to see a full Debug to see what is happening

regards

James

Desmogger · November 21, 2018, 8:15am

James,
Thanks how do I send you the debug file? Man I am getting all sorts of GP socket connection from all over the flicking world and it closed down my dang WR41 this morning requiring a reboot again Did it also last weekend. I need firewall help.
is the file called debug.log?
Robert

James.Wilson · November 21, 2018, 9:48am

the devices you are connecting over the internet has this got a fixed IP on the internet?

You should enable the firewall and only allow access to the ports you want

like

pass in break end on ppp 1 from x.x.x.x to addr-ppp1 port 8800 >< 8900 > to 192.168.1.45

if you need further assistance you should contact tech.support@digi.com

Topic		Replies	Views
Why do pings time out from devices connected to my WR21 Digi TransPort WR (Series) transport	4	1040	November 21, 2014
Ca I have a specific FW script for use on a specific interface? Digi TransPort WR (Series) firewall , qos	30	1792	May 17, 2018
Problem that the web UI of the Digi Transport router can't be accessible if both end Digi router firewall were enabled? Digi TransPort WR (Series) connection	4	499	August 31, 2016
How do I only allow https outbound traffic? Digi TransPort WR (Series) wr44 , firewall	4	740	June 26, 2018
Disable HTTPS and SSH on PPP1? Digi TransPort WR (Series) firewall	1	216	February 22, 2022

Firewall not letting some NAT ports 23 through

Related Topics