Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Does the Draytek 2820 firewall need to be configured to protect home network?

Posted on 2009-03-30
6
Medium Priority
?
1,093 Views
Last Modified: 2013-11-16
Hi,
Just bought a draytek 2820 ADSL router.

Looking though the menu, it has a new object-type setup for it's firewall.  Looking at the defaults it doesnt seem to actually block much apart from some LAN -> WAN netBIOS traffic.

Does this Router need futher configuration to protect the LAN?

I'm used to having routers where everything is blocked unless you unblock it, this looks quite different...
0
Comment
Question by:jmsjms
  • 3
  • 2
6 Comments
 
LVL 11

Expert Comment

by:asdlkf
ID: 24021053
I'd start with a "deny any any" rule and then start inserting permit statements before it...

0
 
LVL 14

Expert Comment

by:plug1
ID: 24026556
ITs default is to block all incoming traffic and allow outgoing traffic. Even without the firewall the NAT alone wouldnt let anything by, but you need to add exceptions to the firewall to allow anything external onto your network.

Panic over :)
0
 

Author Comment

by:jmsjms
ID: 24026559
Yep I would agree if knew that the router needed to be setup, but what I need is confirmation as to wether this "security" router protects a LAN with it's settings out of the box.

J
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
LVL 14

Accepted Solution

by:
plug1 earned 750 total points
ID: 24026573
Yes, thats what I said, it wont allow any external traffic into your network without configuring allow rules in the firewall. Ive rolled out 25 of these across the UK in the last month.
0
 

Author Comment

by:jmsjms
ID: 24026931
Sorry Plug.  Didnt see your post when I typed in my response above.  Thats my gut feeling and looking at the earlier Drayteks they have the same rules but please bear with me.

What made me worry is that on the 2820, the Firewall general setup page, under "Actions for filter"  has a dropdown list set to "Pass" for filter. (I've not seen this on earlier Drayteks) So it looks like the default is to pass traffic that goes through the rule set.

This would be be true in some other firewalls as they have a blocking rule at the bottom, as asdlkf suggests.
 
Perhaps the way the Draytek works is that the traffic is indeed passed, but passed to the Open Ports section and then only allowed though if it matches settings in the Open ports page?

I've not seen anything confirming this have you?

I appreciate that I'm being a bit thick-headed here but I need to be sure. :-)



0
 

Author Closing Comment

by:jmsjms
ID: 31564354
THanks for your help.  I've not got a complete explanation (maybe Draytek should update their manuals!) but I trust it now.
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question