Home

Forums

Stories

Knowledge Base

Business Community > Controllers > SPI Firewall Configuration

< Controllers

SPI Firewall Configuration

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

SPI Firewall Configuration

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Jackace

2021-08-12 01:03:41 - last edited 2021-08-12 01:47:37

Posts: 30

Helpful: 40

Solutions: 0

Stories: 0

Registered: 2021-07-31

SPI Firewall Configuration

2021-08-12 01:03:41 - last edited 2021-08-12 01:47:37

Model: ER605 (TL-R605)

Hardware Version:

Firmware Version:

In the data sheet for the ER605 it says it is an SPI firewall. How do you configure this and turn it on in the Omada controller? Can it block all external connections inbound? It doesn't do that by default as I can ping my computers from an external source (via IPv6 PD) and I can connect with RDP, SSH, etc from the outside. Is there a way to block all that on ingress?

I did find a button to disable pings, but what about other connections?

4 Reply

Somnus

LV5

2021-08-13 01:45:55

Posts: 1212

Helpful: 219

Solutions: 72

Stories: 0

Registered: 2021-06-14

Re:SPI Firewall Configuration

2021-08-13 01:45:55

@Jackace

Hey,

Do the computers in your LAN network obtain IPv4 or IPv6 addresses? If they get IPv4 addresses, SPI firewall is enabled by default, no need to configure anything. But I guess you may use IPv6. If that is the case, they haven't developed firewall function yet based on IPv6 addresses.

Jackace

LV2

2021-08-13 05:16:13

Posts: 30

Helpful: 40

Solutions: 0

Stories: 0

Registered: 2021-07-31

Re:SPI Firewall Configuration

2021-08-13 05:16:13

@Somnus

My lan has both IPv4 and IPv6. IPv4 is unreachable from the Internet because it is behind NAT. IPv6 though my PCs have globally routable IPv6 addresses on them so they are reachable from anywhere on the Internet. I was hoping I could turn on the SPI firewall and block all incoming requests that are not initiated by something on the LAN making a request. Sounds like I'm going to need an actual firewall for this functionality.

Somnus

LV5

2021-08-13 08:31:18 - last edited 2021-08-13 08:36:30

Posts: 1212

Helpful: 219

Solutions: 72

Stories: 0

Registered: 2021-06-14

Re:SPI Firewall Configuration

2021-08-13 08:31:18 - last edited 2021-08-13 08:36:30

@Jackace

This router can't block WAN access to IPv6 address. You can try blocking ping from WAN, but it seems also base on IPv4 address. I never try to use it to block IPv6 access.

Jackace

LV2

2021-08-13 08:59:39

Posts: 30

Helpful: 40

Solutions: 0

Stories: 0

Registered: 2021-07-31

Re:SPI Firewall Configuration

2021-08-13 08:59:39

Yeah I figured the IPv6 firewall rules were pretty light or nonexistent. Wondering if those are coming on the r605 or if there are plans for a more full featured gateway router/firewall in the future?

SPI Firewall Configuration

SPI Firewall Configuration

Information

Voters 0

Tags