Technical Discussion
  >> Home Networking, Internet Connection Sharing, etc.


Register (or login) on our website and you will not see this ad.


  Print Thread
Anonymous
(Unregistered)Mon 12-Dec-11 19:25:14
Print Post

Router Firewall Removal Advice


[link to this post]
 
Hi guys,
Im currently setting up my network and need some advice please.
My adsl comes in to a Netgear DG834, wich then splits off to two place
1. Homeplugs - Which supplies my 360 & PS3
2. A Draytek 2920Vn Router Which supplies my main desktop and all wireless devices in my house.

I intend to remove the firewall on the Netgear to improve the NAT on the PS3 & 360.
Does anyone consider this foolish in anyway?
The Draytek has it's firewall on , and has DOS defense setup.
All Laptops (wireless) on my network have 3rd party internet suite's running.

I'm a little paranoid through in-experience, to effectively turn the netgear firewall off I need to do the following,

From the main menu, choose Security -> Rules
Add a new rule for Inbound Services with a service name of "ANY" and an action of "ALLOW always."
Then, move your new rule up until it is the first rule in the Inbound Services section.

Thanks
Kev
Administrator MrSaffron
(staff) Tue 13-Dec-11 09:13:58
Print Post

Re: Router Firewall Removal Advice


[re: Anonymous] [link to this post]
 
Issue is really that you are running two NAT routers in series.

To create a modem only, i.e. no firewall mode on the DG834 you need a block of static IP addresses from provider.

Your idea of creating a new security rule might work, if you ensure the IP address the draytek router gets is always the same, e.g. LAN IP Address reservation, or set its WAN side up with a manual IP address.

The security on the draytek (NAT mainly) will provide a similar level of protection to what the DG834 does already.

Have you considered wiring the PS3 and xbox using ethernet directly to the dg834?

Another option would be rely on the security in the 834, and configure the draytek to operate as a wireless access point rather than wireless router.

Andrew Ferguson, andrew@thinkbroadband.com
www.thinkbroadband.com - formerly known as ADSLguide.org.uk
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
Standard User shtu
(experienced) Tue 13-Dec-11 09:50:28
Print Post

Re: Router Firewall Removal Advice


[re: Anonymous] [link to this post]
 
in addition to all Mr S mentions above, The other thing to look into would be placing the consoles into a DMZ.


Register (or login) on our website and you will not see this ad.

Anonymous
(Unregistered)Tue 13-Dec-11 10:21:42
Print Post

Re: Router Firewall Removal Advice


[re: MrSaffron] [link to this post]
 
Thanks for the replies.
Sorry im maybe not too clear in describing my setup.
The PS3 is connected to the DG834 via homeplugs (not connected into the Draytek.)
I did try connecting in series via the Draytek but I did indeed get a strict NAT.
I tried using the Draytek wireless but this gives me a strict NAT

I have tried creating the new rule which leaves the DG834 open.
This has gave me an open NAT on my consoles.
Is this current configuration safe against attacks?
Administrator MrSaffron
(staff) Tue 13-Dec-11 14:21:56
Print Post

Re: Router Firewall Removal Advice


[re: Anonymous] [link to this post]
 
Safe - if the PC's are all behind the draytek then that acts as a barrier, in addition to the security software on each device.

Not aware of any specific exploits allowing people to hack the PS3/XBox from placing them in the DMZ, i.e. get all traffic. Most console risks are phishing attacks, e.g. click link in email thinking its a Microsoft one and giving away XBox live details.

Did you look at the UPnP settings in the router? Also was the dg834 running old firmware?

Andrew Ferguson, andrew@thinkbroadband.com
www.thinkbroadband.com - formerly known as ADSLguide.org.uk
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
Anonymous
(Unregistered)Tue 13-Dec-11 15:38:13
Print Post

Re: Router Firewall Removal Advice


[re: MrSaffron] [link to this post]
 
In reply to a post by MrSaffron:
Safe - if the PC's are all behind the draytek then that acts as a barrier, in addition to the security software on each device.

Not aware of any specific exploits allowing people to hack the PS3/XBox from placing them in the DMZ, i.e. get all traffic. Most console risks are phishing attacks, e.g. click link in email thinking its a Microsoft one and giving away XBox live details.

Did you look at the UPnP settings in the router? Also was the dg834 running old firmware?


Thanks mate,
Have UPnP enabled and have bot the Draytek and DG834 firmwares updates to newest
  Print Thread

Jump to