How can I block port 25 at the DIR-635 router ?

How can I block port 25 for outgoing for all stations, at the DIR-635 router.
Thanks,
Andrei
andreicpuAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SnibborgOwnerCommented:
Use the Application Level Gateway configuration.  Create a custom option for SMTP and list port 25.

If that doesn't work set up a port forwarding option to an IP address that you know is not serviced by DHCP or to an IP address you can trust.

 

0
andreicpuAuthor Commented:
Where is Application Level Gateway ?
Here is an emulator:
http://www.dlink.co.in/emulators/DIR-635/login.html
0
SnibborgOwnerCommented:
Unfortunately, it looks like you cannot add any further choices to the ALG.  Nice design Dlink!

The other way is to add a port forwarder that goes nowhere.

Do that here:

Virtual Server - Advanced settings

Set up a new application - smtp - public and private port 25 choose an IP address that is outside your DHCP range and not the gateway address.

Unfortunately I cannot use the emulator as it keeps changing page to a advert, when I hit back it goes to the main page.

Snibborg
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

andreicpuAuthor Commented:
I want block port 25, from internal network to outside.
I want block spam emails from virused stations.
I configured smtp to use port 26 on each station.

Here is a good emulator:
http://support.dlink.com/Emulators/dir635/109/Login.html

Thanks.
0
SnibborgOwnerCommented:
That's what changing the port forwarding will do.  when you put in a false forward the port 25 traffic will go nowhere.

Whilst the primary job of port forwarding is to allow connectivity between the Internet and an internal server, such as a web server, by putting in a forwarder to a machine that does not exist you are stopping traffic passing on that port.  In effect you are using it as a port blocker.

Choose advanced settings across the top.  Virtual server will appear.  

Fill in the first pull down and select SMTP.  Choose 25 as both the public and private port.  Fill in the IP address for one that you know you do not use. Type TCP in the protocal box and tick the box on the far left.  Save this.

This should then block port 25 as it will appear that a PC is using it, even of that PC doesn't actually exist.

Snibborg
0
andreicpuAuthor Commented:
I will try your solution next week. Thank you.

Andrei
0
andreicpuAuthor Commented:
Hi Snibborg,

I tried the solution proposed by you, but did not work.

My knowledge, port forwarding is used for access from internet to intranet. Above settings, indeed, block access from outside to inside.
But I want block access from inside to outside through port 25.

Andrei
0
SnibborgOwnerCommented:
From looking at the way the router interface is, that should work both ways.  Can you take a printscreen of that page and upload it here so we can have a look?

Snibborg
0
andreicpuAuthor Commented:
0
SnibborgOwnerCommented:
Well I've tried everything and gone over the manual with a fine toothed comb and I cannot find a way of preventing your machines from accessing port 25.  It seems that the Dlink is more interested in preventing Web acces than any other protocol.

The only other option I can think of is to use a proxy server between your machines and the router.  Perhaps someone else can advise what would be a suitable item.  Maybe someone else can also see if there is something I have missed that will allow the Dlink to block specific ports.

Snibborg
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
andreicpuAuthor Commented:
Hi Snibborg,

Thanks for kindly help me.

Andrei
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.