bottleneck
Choose style:

Author Topic: Almond Firewall Question / Possible issue  (Read 6130 times)

0 Members and 1 Guest are viewing this topic.

Offline mcannon.gso

  • Newbie
  • Posts: 4
  • Thanks: 0
  • Registered : 23/02/2014
    YearsYearsYearsYearsYears
Almond Firewall Question / Possible issue
« on: February 24, 2014, 08:37:14 am »
Good Day!
This is a 2 part post..

1st Part.. After setting up the Almond router and accessing the WebGUI to customize my environment, I noticed that the Syn Flood, Prevent port scans and SPI firewall were all disabled. Is this by design? I know that NAT in itself is considered a firewall, however was wondering why these options were disabled.

2nd Part.. After activating the above options in the firewall, I noticed a couple of things that warrant mentioning. Once these were active I power cycled the router and tested it with Shields UP! to test the firewall and all checked ok. After making a change in the network (removed the 8.8.8.8 DNS entry from the secondary DNS entry. I ran Shields UP! again and the ports were closed, but not stealthed. I power cycled the router and all was good again. Changed the wireless channel from the WebGUI and lost the stealth of the ports again. Seems when certain changes are made in the WebGUI it turns off port stealthing. Now that all is setup I also noticed that my WHS 2011 has not been able to keep it's ports open using UPNP. I my Windows Phone 8 has also had issues holding an internet connection. Not sure if these are related to the firewall options or not.

Any comments, instructions or thoughts are welcomed and appreciated.

--Mike

Offline mcannon.gso

  • Newbie
  • Posts: 4
  • Thanks: 0
  • Registered : 23/02/2014
    YearsYearsYearsYearsYears
Re: Almond Firewall Question / Possible issue
« Reply #1 on: February 26, 2014, 06:25:04 am »
** Bump **

Offline Patrick Wilson

  • Cashew
  • ****
  • Posts: 220
  • Thanks: 0
  • Registered : 21/07/2013
    YearsYearsYearsYearsYearsYears
Re: Almond Firewall Question / Possible issue
« Reply #2 on: February 26, 2014, 04:45:23 pm »
Good Day!
This is a 2 part post..

1st Part.. After setting up the Almond router and accessing the WebGUI to customize my environment, I noticed that the Syn Flood, Prevent port scans and SPI firewall were all disabled. Is this by design? I know that NAT in itself is considered a firewall, however was wondering why these options were disabled.

2nd Part.. After activating the above options in the firewall, I noticed a couple of things that warrant mentioning. Once these were active I power cycled the router and tested it with Shields UP! to test the firewall and all checked ok. After making a change in the network (removed the 8.8.8.8 DNS entry from the secondary DNS entry. I ran Shields UP! again and the ports were closed, but not stealthed. I power cycled the router and all was good again. Changed the wireless channel from the WebGUI and lost the stealth of the ports again. Seems when certain changes are made in the WebGUI it turns off port stealthing. Now that all is setup I also noticed that my WHS 2011 has not been able to keep it's ports open using UPNP. I my Windows Phone 8 has also had issues holding an internet connection. Not sure if these are related to the firewall options or not.

Any comments, instructions or thoughts are welcomed and appreciated.

--Mike

By default we are not selecting the best firewall option [ first boot ].  If we make the "defaults" too strict,  it can make for a negative experience for new owners.  Experienced users always have the opportunity to change this setting,  just as you have done.

We market a device that can be setup in under 3 minutes without a PC or a CD,  so we want to keep our product easy to use right out of the box.  Experienced customers like yourself (and myself) enjoy browsing around the settings to ensure they are up to our standards.  Customers come with various degrees of technical knowledge when it comes to routers,  so defaults have been chosen to  make setup as quick and easy as possible. 

Our new Almond+ Router has some very advanced features in it,  and it might be a more suitable choice for you down the road. . 

RE: Shields UP! Test :port stealth results against almond

This is a known Bug,  that we will fix in a future Firmware release.  (Thank-you mentioning it)

 
Patrick Wilson
Victoria, BC Canada

Offline mcannon.gso

  • Newbie
  • Posts: 4
  • Thanks: 0
  • Registered : 23/02/2014
    YearsYearsYearsYearsYears
Re: Almond Firewall Question / Possible issue
« Reply #3 on: February 27, 2014, 11:12:51 am »
Patrick,

Thank you for your quick response.
I thought this was the answer for the firewall settings, however I wanted to verify.

Unfortunately, since this issue exists with the ports security and as you said it will be fixed in a future firmware release I had to demote the Almond to an access point.

I do think for the common "Human" this router is a real treat.

I hope these bugs get worked out as I do see a very bright future for the Almond..

--Mike

Offline Patrick Wilson

  • Cashew
  • ****
  • Posts: 220
  • Thanks: 0
  • Registered : 21/07/2013
    YearsYearsYearsYearsYearsYears
Re: Almond Firewall Question / Possible issue
« Reply #4 on: February 27, 2014, 01:12:34 pm »
Patrick,

Thank you for your quick response.
I thought this was the answer for the firewall settings, however I wanted to verify.

Unfortunately, since this issue exists with the ports security and as you said it will be fixed in a future firmware release I had to demote the Almond to an access point.

I do think for the common "Human" this router is a real treat.

I hope these bugs get worked out as I do see a very bright future for the Almond..

--Mike

I don't quite understand the need to "demote" it to an Access Point,  as you've already figured out the "work around" for it.  That said however,  my Almond is setup as an AP here as well,  as my main router will soon be the Almond+.  My Almond is the first Router that I have ever owned that permits setup as an AP with only a single option change.  My Almond will likely continue to operate as an AP for me for the remainder of it's service life.  (I have owned more than 30 Routers in the past 20 years,  and the Almond is the easiest one to configure that I have ever used when it comes to configuration as an AP).

Our software team is presently working hard at getting the Firmware for our Almond+ completely finished,  but they will be addressing this issue on the original Almond as soon as possible after we get the Almond+ to market.     
Patrick Wilson
Victoria, BC Canada

 

Page created in 0.096 seconds with 24 queries.