Does the X20 router have a firewall?
Hello, I have alerts on my home NAS for inbound SSH connection attempts from the outside world, the NAS blocked them as authentication had failed, but I'm surprised the connections were permitted by the X20 in the first place. I have not forwarded the ssh ports.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
According to its specs X20 has an SPI Firewall - more on TP-Link firewalls here. Opening particular ports can be done through Deco app port-forwarding, SIP ALG or UPnP feature.
It's quite possible that the SSH port has been opened by the X20 UPnP feature. Disable X20 UPnP (if it's enabled) from the Deco app and check if that resolves the problem.
- Copy Link
- Report Inappropriate Content
It doesnt look like uPNP is enabled, it seems the X20 doesn't have a firewall unless you pay for the Homeshield Pro subscription service.
- Copy Link
- Report Inappropriate Content
From Do I Need a Firewall if I Have a Router?: "Home routers use network address translation (NAT) to share a single IP address from your Internet service provide among the multiple computers in your household. When incoming traffic from the Internet reaches your router, your router doesn’t know which computer to forward it to, so it discards the traffic. In effect, the NAT acts as a firewall that prevents incoming requests from reaching your computer."
Without setting port forwarding, enabling UPnP, or configuring DMZ - how would X20 router know to forward ssh traffic to your NAS specifically?
- Copy Link
- Report Inappropriate Content
You raise a very good point, and I do use port forwarding on the NAS for other functions such as an occasional VPN client, but ssh isn't one of them and the NAS is listening on the default port. Sadly the options for configuring or looking at things like log files are minimal. I since took out a 30 day trial for the HomeShieldPro subscription and whilst that may plug the hole, it still doesn't provide any real management facilities. It's all a bit Mickey Mouse really, I plan on buying a proper firewall, using the X20 just in AP mode and canceling the ridiculous subscription.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1703
Replies: 4
Voters 0
No one has voted for it yet.