Link to home
Start Free TrialLog in
Avatar of andreicpu
andreicpuFlag for Romania

asked on

How can I block port 25 at the DIR-635 router ?

How can I block port 25 for outgoing for all stations, at the DIR-635 router.
Thanks,
Andrei
Avatar of Snibborg
Snibborg
Flag of United Kingdom of Great Britain and Northern Ireland image

Use the Application Level Gateway configuration.  Create a custom option for SMTP and list port 25.

If that doesn't work set up a port forwarding option to an IP address that you know is not serviced by DHCP or to an IP address you can trust.

 

Avatar of andreicpu

ASKER

Where is Application Level Gateway ?
Here is an emulator:
http://www.dlink.co.in/emulators/DIR-635/login.html
Unfortunately, it looks like you cannot add any further choices to the ALG.  Nice design Dlink!

The other way is to add a port forwarder that goes nowhere.

Do that here:

Virtual Server - Advanced settings

Set up a new application - smtp - public and private port 25 choose an IP address that is outside your DHCP range and not the gateway address.

Unfortunately I cannot use the emulator as it keeps changing page to a advert, when I hit back it goes to the main page.

Snibborg
I want block port 25, from internal network to outside.
I want block spam emails from virused stations.
I configured smtp to use port 26 on each station.

Here is a good emulator:
http://support.dlink.com/Emulators/dir635/109/Login.html

Thanks.
That's what changing the port forwarding will do.  when you put in a false forward the port 25 traffic will go nowhere.

Whilst the primary job of port forwarding is to allow connectivity between the Internet and an internal server, such as a web server, by putting in a forwarder to a machine that does not exist you are stopping traffic passing on that port.  In effect you are using it as a port blocker.

Choose advanced settings across the top.  Virtual server will appear.  

Fill in the first pull down and select SMTP.  Choose 25 as both the public and private port.  Fill in the IP address for one that you know you do not use. Type TCP in the protocal box and tick the box on the far left.  Save this.

This should then block port 25 as it will appear that a PC is using it, even of that PC doesn't actually exist.

Snibborg
I will try your solution next week. Thank you.

Andrei
Hi Snibborg,

I tried the solution proposed by you, but did not work.

My knowledge, port forwarding is used for access from internet to intranet. Above settings, indeed, block access from outside to inside.
But I want block access from inside to outside through port 25.

Andrei
From looking at the way the router interface is, that should work both ways.  Can you take a printscreen of that page and upload it here so we can have a look?

Snibborg
ASKER CERTIFIED SOLUTION
Avatar of Snibborg
Snibborg
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Hi Snibborg,

Thanks for kindly help me.

Andrei