andreicpu
asked on
How can I block port 25 at the DIR-635 router ?
How can I block port 25 for outgoing for all stations, at the DIR-635 router.
Thanks,
Andrei
Thanks,
Andrei
ASKER
Where is Application Level Gateway ?
Here is an emulator:
http://www.dlink.co.in/emulators/DIR-635/login.html
Here is an emulator:
http://www.dlink.co.in/emulators/DIR-635/login.html
Unfortunately, it looks like you cannot add any further choices to the ALG. Nice design Dlink!
The other way is to add a port forwarder that goes nowhere.
Do that here:
Virtual Server - Advanced settings
Set up a new application - smtp - public and private port 25 choose an IP address that is outside your DHCP range and not the gateway address.
Unfortunately I cannot use the emulator as it keeps changing page to a advert, when I hit back it goes to the main page.
Snibborg
The other way is to add a port forwarder that goes nowhere.
Do that here:
Virtual Server - Advanced settings
Set up a new application - smtp - public and private port 25 choose an IP address that is outside your DHCP range and not the gateway address.
Unfortunately I cannot use the emulator as it keeps changing page to a advert, when I hit back it goes to the main page.
Snibborg
ASKER
I want block port 25, from internal network to outside.
I want block spam emails from virused stations.
I configured smtp to use port 26 on each station.
Here is a good emulator:
http://support.dlink.com/Emulators/dir635/109/Login.html
Thanks.
I want block spam emails from virused stations.
I configured smtp to use port 26 on each station.
Here is a good emulator:
http://support.dlink.com/Emulators/dir635/109/Login.html
Thanks.
That's what changing the port forwarding will do. when you put in a false forward the port 25 traffic will go nowhere.
Whilst the primary job of port forwarding is to allow connectivity between the Internet and an internal server, such as a web server, by putting in a forwarder to a machine that does not exist you are stopping traffic passing on that port. In effect you are using it as a port blocker.
Choose advanced settings across the top. Virtual server will appear.
Fill in the first pull down and select SMTP. Choose 25 as both the public and private port. Fill in the IP address for one that you know you do not use. Type TCP in the protocal box and tick the box on the far left. Save this.
This should then block port 25 as it will appear that a PC is using it, even of that PC doesn't actually exist.
Snibborg
Whilst the primary job of port forwarding is to allow connectivity between the Internet and an internal server, such as a web server, by putting in a forwarder to a machine that does not exist you are stopping traffic passing on that port. In effect you are using it as a port blocker.
Choose advanced settings across the top. Virtual server will appear.
Fill in the first pull down and select SMTP. Choose 25 as both the public and private port. Fill in the IP address for one that you know you do not use. Type TCP in the protocal box and tick the box on the far left. Save this.
This should then block port 25 as it will appear that a PC is using it, even of that PC doesn't actually exist.
Snibborg
ASKER
I will try your solution next week. Thank you.
Andrei
Andrei
ASKER
Hi Snibborg,
I tried the solution proposed by you, but did not work.
My knowledge, port forwarding is used for access from internet to intranet. Above settings, indeed, block access from outside to inside.
But I want block access from inside to outside through port 25.
Andrei
I tried the solution proposed by you, but did not work.
My knowledge, port forwarding is used for access from internet to intranet. Above settings, indeed, block access from outside to inside.
But I want block access from inside to outside through port 25.
Andrei
From looking at the way the router interface is, that should work both ways. Can you take a printscreen of that page and upload it here so we can have a look?
Snibborg
Snibborg
ASKER
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Snibborg,
Thanks for kindly help me.
Andrei
Thanks for kindly help me.
Andrei
If that doesn't work set up a port forwarding option to an IP address that you know is not serviced by DHCP or to an IP address you can trust.