Latest revision as of 23:58, 17 August 2018

FireBrick 105

In a factory state the Filters on a FireBrick 105 will not allow DNS to the FireBrick from the WAN - the default state is to block incoming traffic, but to allow outgoing traffic. However, in some cases, customers disable the firewall by adding a rule that allows all traffic in. In this case, a new rule is needed to block DNS to the FireBrick.

Instructions

Create a Firewall filter to block port 53, from the WAN to the FireBrick, and make sure it's before any other rule that may allow this traffic in:

Name: BlockOpenDNS
Source: WAN
Target: FireBrick (The name of your FireBrick)
Action: Drop
Target ports: 53
Protocol: UDP

Then re-test from the Control Pages: https://clueless.aa.net.uk/dnsresolvers.cgi

@@ Line 1: / Line 1: @@
-[[File:Firebrick105.gif]]
+[[File:105-small.gif]]
-=FireBrick 105:=
+=FireBrick 105=
-In a factory state the Fillters on a FireBrick 105 will not allow DNS to the FireBrick from the WAN - the default state is to block incoming traffic, but to allow outgoing traffic.
+[[File:FireBrick-icons.png]]
+'''In a factory state the Filters on a FireBrick 105 will not allow DNS to the FireBrick from the WAN - the default state is to block incoming traffic, but to allow outgoing traffic.
+'''
 However, in some cases, customers disable the firewall by adding a rule that allows all traffic in. In this case, a new rule is needed to block DNS to the FireBrick.
+==Instructions==
 Create a Firewall filter to block port 53, from the WAN to the FireBrick, and make sure it's before any other rule that may allow this traffic in:
  Name: BlockOpenDNS
@@ Line 15: / Line 19: @@
  Target ports: 53
  Protocol: UDP
+*Then re-test from the Control Pages: https://clueless.aa.net.uk/dnsresolvers.cgi
 [[File:FireBrick-OpenDNS-Rule.png]]
+[[Category:FireBrick]]
+[[Category:Open DNS Resolvers]]
+[[Category:AA Routers]]