Firewall allows everything by default?
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Firewall allows everything by default?
Model :
Hardware Version : Not Clear
Firmware Version :
ISP :
I have a TL-ER6120 v1.0.
I have allow rules in the firewall section, and specifically SMTP allow rules that allow incoming SMTP from certain IP's (to accommodate our email filtering service).
I noticed this morning an email that looked suspicious and looked at the headers and saw it did not go through our email filtering service, but came direct to our IP.
I checked my rules and only had the allow for SMTP from the specified IP's. I tested port 25 from a remote PC and sure enough, I could connect to port 25 from the outside.
There isn't, specifically, a DENY ALL rule at a lower priority. Do I need one or should the firewall in this device be blocking everything that isn't allowed? When I tried entering one that blocked ANY IP, ANY service on WAN1, and put it at the lowest priority, it basically stopped the internet from working.
HELP!
Thanks!
Hardware Version : Not Clear
Firmware Version :
ISP :
I have a TL-ER6120 v1.0.
I have allow rules in the firewall section, and specifically SMTP allow rules that allow incoming SMTP from certain IP's (to accommodate our email filtering service).
I noticed this morning an email that looked suspicious and looked at the headers and saw it did not go through our email filtering service, but came direct to our IP.
I checked my rules and only had the allow for SMTP from the specified IP's. I tested port 25 from a remote PC and sure enough, I could connect to port 25 from the outside.
There isn't, specifically, a DENY ALL rule at a lower priority. Do I need one or should the firewall in this device be blocking everything that isn't allowed? When I tried entering one that blocked ANY IP, ANY service on WAN1, and put it at the lowest priority, it basically stopped the internet from working.
HELP!
Thanks!
