TL;DR: Firewalla is blocking inbound and outbound communications to a number of IoT devices, making them non-functional.
Details: After having Firewalla installed for the past several months, a number of IoT devices are now having issues (degradation) connecting to the internet to function properly. I have determined that Firewalla is the root cause of the issues, and by placing the device(s) into Emergency Access, functionality is restored for a period of time. My assumption is that Firewalla is dynamically determining, based on algorithms and behaviors, to block certain ports and communications inbound / outbound on the network.
Example A: Samsung Smart TV - unable to perform updates, unable to download apps from the Samsung store, TV sluggish, Samsung support unable to remote into the TV for troubleshooting.
Example B: Hunter Fan - does not connect to the internet to perform updates, and does not integrate into the Hunter app properly for bi-directional communication.
Example C: Apple HomeKit devices (smart plugs, speakers) - unable to be managed in the Apple Home app.
Here are my thoughts / questions:
I am familiar with Nmap, and while the device is on, I am able to perform the actions that are failing and capture in real time the ports that are open/closed/filtered, or in a listening state. After obtaining a list of ports I could create a port forwarding rule in Firewalla for all captured ports; however, understanding that this could inherently leave the device vulnerable to attacks, I am hesitant.
I was also able to review the device within Firewalla and see, under Ports, that there are ports listed as not forwarded as well.
Question 1: Is there a way that Firewalla can dynamically either build a list of ports that a device is trying to access outbound (and store that list associated by device), or allow devices internally, on the fly, to connect through Firewalla over the specific ports the device needs?
Question 2: For communications that need to occur inbound, is there a way to determine what ports might need to be opened? For example, an iOS app for a device that needs to connect directly to the device would be blocked by default, but is there any easy way to filter those requests in order to allow communication to properly transmit?
I am struggling with how to create a proper port forwarding mapping (inbound and outbound) by device(s) to ensure proper communication. I am sure Firewalla captures all requests per device, inbound and outbound, and the ability to filter those requests should be possible.
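As an added example (not part of the original post, and not Firewalla's own tooling), the script below shows the per-device port profile that Question 1 asks for: it reads exported connection log lines, counts which protocol/port pairs each known device uses outbound and which are hit inbound, and turns them into a minimal per-device, per-direction allow list. The log line format (`dir=OUT|IN src=... dst=... proto=... dport=...`), the device inventory and all addresses are constructed for this example; the real export format will differ, so `LINE_RE` and `DEVICES` are the parts to adapt. A list built this way is far narrower than forwarding every port an Nmap scan reports, because it only contains ports the device was actually observed using.

```python
import re
from collections import defaultdict

# Constructed sample connection log (not real Firewalla output). The field layout
# "dir=OUT|IN src=... dst=... proto=... dport=..." is an assumption made for this
# example; adapt LINE_RE to whatever the real export looks like.
# dir=OUT: a LAN device opened a flow to the given destination port.
# dir=IN:  a peer opened a flow toward a LAN device on the given port.
SAMPLE_LOG = """\
2024-03-01T08:00:01Z dir=OUT src=192.168.1.50 dst=203.0.113.10 proto=tcp dport=443
2024-03-01T08:00:02Z dir=OUT src=192.168.1.50 dst=203.0.113.10 proto=tcp dport=443
2024-03-01T08:00:05Z dir=OUT src=192.168.1.50 dst=203.0.113.22 proto=tcp dport=8443
2024-03-01T08:00:07Z dir=OUT src=192.168.1.60 dst=198.51.100.5 proto=udp dport=123
2024-03-01T08:00:09Z dir=OUT src=192.168.1.60 dst=198.51.100.9 proto=tcp dport=8883
2024-03-01T08:00:11Z dir=IN src=198.51.100.40 dst=192.168.1.60 proto=tcp dport=5555
2024-03-01T08:00:12Z dir=IN src=198.51.100.40 dst=192.168.1.60 proto=tcp dport=5555
2024-03-01T08:00:14Z dir=OUT src=192.168.1.99 dst=203.0.113.77 proto=tcp dport=80
malformed line that the parser must skip
"""

# Constructed device inventory (IP -> label). In practice this comes from the
# router's device list; devices not listed here are ignored.
DEVICES = {
    "192.168.1.50": "iot-tv",
    "192.168.1.60": "iot-fan",
}

LINE_RE = re.compile(
    r"dir=(?P<dir>IN|OUT)\s+src=(?P<src>\S+)\s+dst=(?P<dst>\S+)\s+"
    r"proto=(?P<proto>\w+)\s+dport=(?P<dport>\d+)"
)


def parse_line(line):
    """Return a dict of fields for one log line, or None if it does not match."""
    m = LINE_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["dport"] = int(rec["dport"])
    return rec


def build_port_profile(log_text, devices):
    """Count (proto, dport) pairs per device, separately for outbound and inbound.

    Outbound: the device is the source of the flow.
    Inbound: the device is the destination (e.g. an app connecting to it).
    """
    profile = {
        label: {"outbound": defaultdict(int), "inbound": defaultdict(int)}
        for label in devices.values()
    }
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines that do not match the expected layout
        key = (rec["proto"], rec["dport"])
        if rec["dir"] == "OUT" and rec["src"] in devices:
            profile[devices[rec["src"]]]["outbound"][key] += 1
        elif rec["dir"] == "IN" and rec["dst"] in devices:
            profile[devices[rec["dst"]]]["inbound"][key] += 1
    return profile


def allow_rules(profile, min_hits=1):
    """Reduce the profile to sorted 'proto/port' strings per device and direction.

    Ports seen fewer than min_hits times are dropped, which filters out one-off
    noise before the list is turned into firewall rules.
    """
    rules = {}
    for label, dirs in profile.items():
        rules[label] = {
            direction: sorted(
                f"{proto}/{port}"
                for (proto, port), n in counts.items()
                if n >= min_hits
            )
            for direction, counts in dirs.items()
        }
    return rules


if __name__ == "__main__":
    for label, dirs in allow_rules(build_port_profile(SAMPLE_LOG, DEVICES)).items():
        print(f"{label}: outbound={dirs['outbound']} inbound={dirs['inbound']}")
```

Raise `min_hits` once you have a few days of logs so that a port a device touched once during a scan does not end up in a permanent rule, and keep the inbound list separate from the outbound one: the outbound list can usually be allowed as-is, while each inbound port is a separate decision about exposing the device.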