Port Forwarding TCP/UDP - how to determine per device




    Have you looked at this to debug the issue? https://help.firewalla.com/hc/en-us/articles/360050255274-What-to-do-when-you-can-t-access-certain-websites-

    To answer your Question 1, ports are really not a good way to allow or block traffic ... Usually it is domains or IP addresses that need to be blocked or allowed.

    Your inbound is always triggered by the stateful firewall; you do not need to manage it.


    Thank you for the response. I have not yet run through the debug article you provided in detail, and will. I have a few thoughts and comments:

    While I understand that domains and/or IP addresses should be the preferred method to allow or block traffic, in many cases I am unable to determine that information (through Google searches or vendor documentation) and have to interrogate the device in some manner, which usually provides the port that is active or listening.

    Question: Is the suggestion that I map out device communication by using the Firewalla Blocked Flows, which records all the flows blocked by Firewalla, where it will identify the IP or domain that is being blocked?

    Then is it recommended to use Manage Rules to set access to those resources (via IP or domain) that were identified using the Firewalla Blocked Flows?

    And when vendors like Apple only provide TCP/UDP ports to configure on a firewall, it seems to be extra steps to identify the domain/IP address using Firewalla Blocked Flows: https://support.apple.com/en-us/HT202944.

    With regard to your comment that inbound is always triggered by a stateful firewall, what is the best way to manage workflows where communication is occurring inbound (like RDP, remote control, or an iOS app where the session is initiated externally) without allowing the port-to-device mapping on the Firewalla?

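One way to work through the "Blocked Flows first, then Manage Rules" approach discussed above is to group a blocked-flows export per device and sort destinations into ones that resolved to a domain (candidates for domain rules), ones that only have an IP, and externally initiated inbound sessions. This is an added example, not code from Firewalla or from either poster; the line layout, addresses and domain names are constructed, since the thread shows no real export.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

# Constructed sample in a made-up whitespace-separated layout
# (timestamp direction src dst domain proto port); "-" means no domain was
# resolved for the destination. This is NOT Firewalla's real export format.
SAMPLE_BLOCKED_FLOWS = """\
2024-01-05T10:00:01 outbound 192.168.1.20 17.57.144.10 ess.apple.com tcp 5223
2024-01-05T10:00:02 outbound 192.168.1.20 17.57.144.10 ess.apple.com tcp 5223
2024-01-05T10:00:09 outbound 192.168.1.20 17.253.3.1 - udp 123
2024-01-05T10:01:00 outbound 192.168.1.31 203.0.113.7 - tcp 8883
2024-01-05T10:02:00 inbound 198.51.100.9 192.168.1.40 - tcp 3389
"""

@dataclass(frozen=True)
class Flow:
    direction: str
    src: str
    dst: str
    domain: Optional[str]
    proto: str
    port: int

def parse_flows(text):
    """Parse the constructed layout above into Flow records; blank lines are skipped."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        _ts, direction, src, dst, domain, proto, port = line.split()
        flows.append(Flow(direction, src, dst, None if domain == "-" else domain, proto, int(port)))
    return flows

def summarize_by_device(flows):
    """Group blocked flows per LAN device into three buckets:
    by_domain: outbound destinations with a resolved name (candidates for domain allow rules)
    ip_only:   outbound destinations with no name (need an IP rule or more investigation)
    inbound:   externally initiated sessions to the device (remote-access style traffic)
    """
    summary = defaultdict(lambda: {"by_domain": set(), "ip_only": set(), "inbound": set()})
    for f in flows:
        if f.direction == "inbound":
            summary[f.dst]["inbound"].add((f.src, f.proto, f.port))
        elif f.domain:
            summary[f.src]["by_domain"].add((f.domain, f.proto, f.port))
        else:
            summary[f.src]["ip_only"].add((f.dst, f.proto, f.port))
    return dict(summary)

if __name__ == "__main__":
    for device, buckets in sorted(summarize_by_device(parse_flows(SAMPLE_BLOCKED_FLOWS)).items()):
        print(device)
        for name, entries in buckets.items():
            for entry in sorted(entries):
                print(f"  {name:10} {entry}")
```

Duplicate flows collapse into one entry per (destination, protocol, port), so the output is a short checklist per device rather than the raw flow log.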