DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Vigor 2860

24 Aug 2020 19:43 #96928 by kogg
Vigor 2860 was created by kogg
Hi All,

Right, the other day I had a problem with my broadband and swapped the DrayTek for a Huawei Router supplied by my ISP. Looking at the cheapo router I notice in the router logs a lot of attempted inbound access hitting the firewall!!!!

Anyway I put a software firewall on my laptop to see if these hack attacks were actually getting through the Huawei firewall - they were NOT getting through. I know this because when I disabled the Huawei firewall my laptop firewall went crazy until I enabled the Huawei firewall once again and all went quiet.

So today I put the DrayTek vigor 2060 back online and did the same test, and to my astonishment the software firewall was going crazy even though my DrayTek 2060 was supposedly firewalled.

My question is how are all these outside attacks getting through the 2060 firewall??? I've also noticed that port 443 is open to the world on the vigor 2060, but not so on the Huawei router, and I've been unable to block that port to outside traffic?? Also on scans, port zero shows up as being closed but not blocked, why is that?? My cheap Chinese router seems to be doing a better job of security issues and hiding my presence than my expensive Vigor 2060?


25 Aug 2020 01:02 #96932 by hornbyp
Replied by hornbyp on topic Re: Vigor 2860

kogg wrote:
Looking at the cheapo router I notice in the router logs a lot of attempted inbound access hitting the firewall!!!!

The attempts are (sadly) perfectly normal. The 2860 will show you all these (if you really want to see them), but you'll have to configure a Firewall rule and set it to log to Syslog. (You'll also have to run a Syslog Daemon somewhere on your network.) You can also log to USB, and there is a built-in log viewer - personally I don't find either of those very usable.

With a NAT router (which the 2860 and Huawei are), individual machines on your network cannot be seen or attacked from the Internet, unless there is a NAT forwarding rule that sends traffic to them - at least using IPv4. An exception to this would be if you have configured a so-called DMZ host. (I have no idea why they use that terminology, but in a nutshell, it's a specific IP address to which all incoming traffic is directed. It is not configured by default.)

kogg wrote:
I've also noticed that port 443 is open to the world on the vigor 2060, but not so on the Huawei router, and I've been unable to block that port to outside traffic??

By default, Port 443 is used to access the Router itself - either for Management or SSL VPN. Go to "System Maintenance >> Management" and disable options as appropriate in the "Internet Access Control" section. There are no VPNs defined by default.

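A minimal receiver for the Syslog logging described in the reply above, as an added example that is not part of the thread and not DrayTek's code. It assumes the router sends RFC 3164 syslog over UDP to port 5514 on this host; the sample lines and their message layout are constructed, and the LAN ranges are assumptions to adjust.

```python
import ipaddress
import re
import socket
from collections import Counter

PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.DOTALL)
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
# Addresses treated as "inside"; adjust to your own LAN (assumption).
LAN_NETS = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def parse_syslog(datagram):
    """Return (facility, severity, text) for an RFC 3164 datagram, or None."""
    text = datagram.decode("utf-8", errors="replace").strip()
    m = PRI_RE.match(text)
    if not m or int(m.group(1)) > 191:   # PRI = facility * 8 + severity, max 191
        return None
    pri = int(m.group(1))
    return pri >> 3, SEVERITIES[pri & 7], m.group(2)

def external_addresses(text):
    """IPv4 addresses in a log line that are not on the LAN."""
    found = []
    for candidate in IPV4_RE.findall(text):
        try:
            ip = ipaddress.ip_address(candidate)
        except ValueError:               # not a valid address, e.g. 999.1.1.1
            continue
        if not any(ip in net for net in LAN_NETS):
            found.append(str(ip))
    return found

def tally(datagrams):
    """Count log lines per outside address, skipping non-syslog datagrams."""
    counts = Counter()
    for d in datagrams:
        parsed = parse_syslog(d)
        if parsed:
            counts.update(set(external_addresses(parsed[2])))
    return counts

# Constructed sample lines; the message layout is illustrative, not DrayTek's.
SAMPLE = [
    b"<134>Aug 25 01:02:03 router fw: 203.0.113.7:51234 -> 192.168.1.10:443 TCP",
    b"<134>Aug 25 01:02:04 router fw: 198.51.100.23:40000 -> 192.168.1.10:23 TCP",
    b"<134>Aug 25 01:02:09 router fw: 203.0.113.7:51240 -> 192.168.1.10:22 TCP",
    b"not syslog at all",
]

if __name__ == "__main__":
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("0.0.0.0", 5514))         # unprivileged port (assumption)
    seen = Counter()
    while True:
        data, _ = sock.recvfrom(4096)
        seen.update(tally([data]))
        print(seen.most_common(5))
```

Run as a script, it prints the five most frequently logged outside addresses after each datagram; entries that appear here were logged by the router's firewall rule, which is separate from whether anything reached a LAN host.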

Moderators: ChrisSami