How to Block all WAN access to GL-AR150

ds-iceland · April 20, 2017, 10:11pm

The AR150 is a great tool for attaching to untrustworthy networks, building a VPN tunnel to provide secure access. Today I ran a port scan against the WWAN of my AR150 - it showed several open ports. This is not something you want when attaching to a untrusted and possible hostile network.

To fix this I checked that “WAN Aceess” in the GUI showed disabled, it did. Next I went to ‘advanced settings / network / firewall / traffic rules’ - disabled all the existing rules. Then I added the below rule to block all WAN access to the AR150 with the action to ‘discard input’

Any TCP, UDP
From any host, in wan

To any router ip on this device

Applied the new rule and retested - the AR150 is stealth.

nikor · April 21, 2017, 12:22am

Please, can you show a screenshot of your changes?

Thanx

ds-iceland · April 21, 2017, 9:21am

Here you go

nikor · April 21, 2017, 5:32pm

Well done! Thank you

However, it would be interesting to know Alzhao’s opinion about this.

alzhao · April 24, 2017, 12:17pm

No problem. Just delete the port open rules!!

We open these port so that the router is easier to use. So if more and more people want this port closed, they will be closed by default!