Seeking understanding

Follow

Donny

• September 20, 2022 19:59

So, I just connected a new device to my home network. It received an IP and gained internet access. 

My issue is that there are no groups or rules assigned to this new device. There are no default rules that I have created nor see. 

How is this device gaining access to the internet? 

0

• 

  David Rothenberger

  • September 20, 2022 20:08
  • Edited

  Firewalla with no rules will allow everything, so if you don't have any rules for the network to which this device was added, it will be able to connect to the Internet by default.

  If you want to prevent this, enable the New Device Quarantine feature for the network, and ensure the Quarantine group has a rule to block Internet access and block access To and From All Local Networks. With that feature enabled, new devices will be added to the Quarantine group, and you will receive an alert. You then have to move the device to the appropriate group (if any) before it can access the Internet or your other networks.

  0

  Comment actions Permalink
• 

  Donny

  • September 20, 2022 20:15

  Thank you for the details.
  
  I thought I had read that Firewalla was a deny by default. Is there a way to set it up as deny by default? I just tried to make a deny all rule, but was told by Firewalla that it was not allowed.

  0

  Comment actions Permalink
• 

  David Rothenberger

  • September 20, 2022 20:22

  You can make a global rule to block traffic to/from the Internet and another to block to/from all local networks, I believe.

  0

  Comment actions Permalink
• 

  Michael Bierman

  • September 20, 2022 22:24

  @donny by default Firewalla is deny ingress by default; not egress. 
  
  As I mentioned in a previous thread, you can use a BLOCK Internet access rule and then allow selective access. This is not a common case, but I use it for example on IoT VLANs which I know only need access to a couple of Domains. 
  
  
  

  0

  Comment actions Permalink

Please sign in to leave a comment.