More advanced firewall?

AirLink Routers AirLink routers
1

Please tell me there is a way to add more advanced firewall rules. I would like to specifically block DNS but to 2 Public IP addresses and in most basic firewalls that’s pretty easy. I haven’t found a way to do that yet on the MP70 any ideas?

2

Hi justin,

I am not sure about your case. Do you want Inbound to restrict access to AirLink port and all LAN or Outbound connected devices to limit LAN access to external network (Internet) to 2 Public IP addresses?

If yes, you can add 2 public IP addresses to trusted IPs - Inbound for Inbound restrict access to the AirLink gateway and all LAN connected devices or Trusted IP - Outbound for Outbound restricts LAN access to external network (Internet).

Please refer to page 208,209 in 41113545_ALEOS 4.13.0 Software Configuration User Guide for AirLink MP70_r1.pdf for more details.
https://source.sierrawireless.com/resources/airlink/software_reference_docs/airlink-mp-series---configuration-guide/#sthash.BIAp23Cn.dpbs

3

I want to only allow access to only one dns server on the internet as we are using DNS based Content Filtering and I don’t want anyone using any other DNS server. So only allow dns(53) outbound to a specific IP address… I need a way to block based on source port and destination address like most other firewalls…

4

Hi justin,

Please try with “DNS Override”
Go to ACEManager -> LAN -> Global DNS -> DNS Override
Enable “DNS Override”, enter DNS address

Alternate DNS Port If you want to specify the port on the connected device that the AirLink gateway sends IP
address resolution responses to:

  1. Ensure that the DNS Override field is set to Enable.
  2. Enter the desired port number in this field.
  3. Click Apply.
    When this field is set to 53 (default) or 0, packets are sent to port 53, the standard DNS port

Please refer to page 157 in in 41113545_ALEOS 4.13.0 Software Configuration User Guide for AirLink MP70_r1.pdf for more details.

You can use Port Filtering — Outbound to block source port and Trusted IPs—Outbound to block destination address.

Please refer to page 208,209 in 41113545_ALEOS 4.13.0 Software Configuration User Guide for AirLink MP70_r1.pdf for more details.

Apply all changes and reboot.

1 Like