Links

5.1 Firewall Settings

Firewall rules add another layer of granularity to what is allowed to be forwarded across interfaces and additionally which packets are allowed to be inputted and outputted.

5.1.1 - Firewall Zones

The firewall can collect interfaces into zones to filter traffic logically. A zone can be configured to any set of interfaces. This simplifies the firewall rule logic somewhat by conceptually grouping the interfaces:
  • A rule for a packet originating in a zone must be entering the extender on one of the zone's interfaces,
  • A rule for a packet being forwarded to a zone must be exiting the extender on one of the zone's interfaces.
After accessing the admin, go to Network > Firewall to enter the Firewall - Zone Settings.The SYN-flood protection is enabled by default. You can use the below default firewall zone settings in most of the conditions.
Default firewall zone settings

5.1.2 - Port Forwards

Port forwarding is an application of network address translation (NAT) that redirects a communication request from one address and port number combination to another. Port Forwarding allows remote computers to connect the WiFi extender within a private local-area network (LAN).
Log in to the admin, go to Network > Firewall > click the tab Port Forwards to enter the configure section.
  1. 1.
    Click the button Add
  2. 2.
    Name : Enter the reference name. e.g., Test
  3. 3.
    Protocol: Select from TCP, UDP, and TCP+UDP
  4. 4.
    External zone : Select WAN
  5. 5.
    External port : Set the port number want to access from the external network
  6. 6.
    Internal zone : Select LAN
  7. 7.
    Internal IP Address : Select from the connected intranet hosts
  8. 8.
    Internal port : Choose the port number which needs to forward from the intranet host
  9. 9.
    Click the button Save & Apply