Difference between revisions of "VMG1312-B10A: Firewall"

From AAISP Support Site
Jump to: navigation, search
[quality revision][quality revision]
m (AA-Andrew moved page VMG1312: Firewall to VMG1312-B10A: Firewall)
m (Mention that it's worth checking that a rule has been set)
Line 6: Line 6:
 
You don't need to create any special 'protocol' lists, you can simply enter in the Target IP/Port etc. in to the rule.
 
You don't need to create any special 'protocol' lists, you can simply enter in the Target IP/Port etc. in to the rule.
  
From the CLI the 'iptables' command is available, which is familiar to Linux users.
+
From the CLI the ''iptables'' command is available, which is familiar to Linux users.  If logged in as ''supervisor'' the ''sh'' command is available to get a root shell prompt, where the ''ip6tables'' command can be found.
  
 +
Having added a rule via the Web interface, it is worth checking with ''iptables'' or ''ip6tables'' that it has been successful - rules don't always get set correctly and/or may not survive a power cycle.
  
 
[[Category:ZyXEL VMG1312-B10A|Firewall]]
 
[[Category:ZyXEL VMG1312-B10A|Firewall]]

Revision as of 16:07, 31 July 2019

The default firewall state for IPv4 and IPv6 would be enabled. This can be disabled via the AAISP control pages. Rules can be added as required.

The firewall is configured via the router's Web interface:

Security -> Firewall -> Access Control

You don't need to create any special 'protocol' lists, you can simply enter in the Target IP/Port etc. in to the rule.

From the CLI the iptables command is available, which is familiar to Linux users. If logged in as supervisor the sh command is available to get a root shell prompt, where the ip6tables command can be found.

Having added a rule via the Web interface, it is worth checking with iptables or ip6tables that it has been successful - rules don't always get set correctly and/or may not survive a power cycle.