michael david

block ports on linksys e900 & sonicwall soho

Need to block port 500 and port 443 on Linksys E900 router and SonicWall SOHO. Can't seem to figure out how on either one. Any ideas? Thanks :-)
Dr. Klahn

Case 1:  Connections from the WAN.  Unless you have port forwarding enabled on the router (which must be done manually) all unsolicited connections emanating from the WAN port are blocked by default.

Case 2:  Connections on the LAN.  Consumer-grade routers have limited memory and generally are not capable of blocking traffic between the LAN ports by port number.  That job is better done in the firewalls installed in the computers on the LAN.

If you give us some further details on the situation perhaps we can find alternate solutions.
michael david

ASKER

Thank you. I'm getting PCI compliance failures on a couple of machines in different buildings with port 500 and port 443 issues, so I set a rule in Windows Firewall to block inbound (but not outbound) on those two ports. I reran the PCI test and the same failures occurred. Maybe I need to block outbound as well? So I unblocked the Windows Firewall setting and figured it must be a router setting that needs to block the ports. Maybe there is a better way to solve these issues, but I thought to see if just blocking access on those ports would help. I've attached a PDF file with each fail and cause.
pci-fail-reasons-and-causes-w.pdf
ASKER CERTIFIED SOLUTION
masnrock
This solution is only available to members.
Somebody suggested I use this crypto tool to make compliant, but I have no clue what to uncheck? See enclosed PDF.
iis-crypto-settings.pdf
See your other open question for my response on this.
To disable remote access to the Linksys:
Administration > Management
  1. Log into the browser-based utility.
  2. Click the Administration tab, then click the Management page and locate the Remote Management Access settings in the middle of the screen.
  3. For Remote Management, select Disabled.
  4. To not be able to upgrade your router’s firmware remotely, select Disabled next to Remote Upgrade.
  5. Click Save Settings at the bottom of the screen to accept your changes.

On the Sonicwall...
  1. Go to Network > Interfaces
  2. Edit the WAN interface.
  3. Uncheck the boxes in the Management row (both HTTP and HTTPS)
  4. Click OK.
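
One way to confirm, before rerunning the PCI scan, that the WAN side no longer answers after the changes above (an added example, not part of the original thread; the address 203.0.113.10 is a placeholder, and checking TCP 443 is an assumption based on the ports named in the question):

```python
import errno
import socket

def tcp_port_state(host, port, timeout=3.0):
    """Classify a TCP port as 'open', 'closed' (refused) or 'filtered' (no reply)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        rc = sock.connect_ex((host, port))
    except OSError:
        # Name resolution failure or similar: nothing answered.
        return "filtered"
    finally:
        sock.close()
    if rc == 0:
        return "open"
    if rc == errno.ECONNREFUSED:
        return "closed"
    return "filtered"  # timeout, unreachable, or silently dropped

def exposed_ports(host, ports, timeout=3.0):
    """Return the ports that still accept connections from this vantage point."""
    return [p for p in ports if tcp_port_state(host, p, timeout) == "open"]

if __name__ == "__main__":
    WAN_IP = "203.0.113.10"   # placeholder (documentation range); use your WAN address
    PORTS = [443]             # assumption: HTTPS management on the default port
    # Port 500 is normally IKE over UDP; a TCP connect test cannot check it.
    for port in PORTS:
        print(f"{WAN_IP}:{port}/tcp -> {tcp_port_state(WAN_IP, port)}")
    still_open = exposed_ports(WAN_IP, PORTS)
    print("still reachable:", still_open if still_open else "none")
```

Run it from a connection outside the network, since the settings above only change what is reachable from the WAN side.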