The AR150 is a great tool for attaching to untrustworthy networks, building a VPN tunnel to provide secure access. Today I ran a port scan against the WWAN of my AR150 - it showed several open ports. This is not something you want when attaching to a untrusted and possible hostile network.
To fix this I checked that “WAN Aceess” in the GUI showed disabled, it did. Next I went to ‘advanced settings / network / firewall / traffic rules’ - disabled all the existing rules. Then I added the below rule to block all WAN access to the AR150 with the action to ‘discard input’
Any TCP, UDP
From any host, in wan
To any router ip on this device
Applied the new rule and retested - the AR150 is stealth.