5.1 Firewall Settings

Firewall rules add another layer of granularity to what is allowed to be forwarded across interfaces and additionally which packets are allowed to be inputted and outputted.

5.1.1 - Firewall Zones

The firewall can collect interfaces into zones to filter traffic logically. A zone can be configured to any set of interfaces. This simplifies the firewall rule logic somewhat by conceptually grouping the interfaces:
  • A rule for a packet originating in a zone must be entering the extender on one of the zone's interfaces,
  • A rule for a packet being forwarded to a zone must be exiting the extender on one of the zone's interfaces.
After accessing the admin, go to Network > Firewall to enter the Firewall - Zone Settings.The SYN-flood protection is enabled by default. You can use the below default firewall zone settings in most of the conditions.
Default firewall zone settings

5.1.2 - Port Forwards

Port forwarding is an application of network address translation (NAT) that redirects a communication request from one address and port number combination to another. Port Forwarding allows remote computers to connect the WiFi extender within a private local-area network (LAN).
Log in to the admin, go to Network > Firewall > click the tab Port Forwards to enter the configure section.
  1. 1.
    Click the button Add
  2. 2.
    Name : Enter the reference name. e.g., Test
  3. 3.
    Protocol: Select from TCP, UDP, and TCP+UDP
  4. 4.
    External zone : Select WAN
  5. 5.
    External port : Set the port number want to access from the external network
  6. 6.
    Internal zone : Select LAN
  7. 7.
    Internal IP Address : Select from the connected intranet hosts
  8. 8.
    Internal port : Choose the port number which needs to forward from the intranet host
  9. 9.
    Click the button Save & Apply