Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[derek_gruending]

Does the DFL-800 have a Blocked Services, Access Control, or Port Filtering feature that lets you block outgoing access to certain ports of a set of IP addresses

If some or all of the users connect to my network with computers that aren’t under my control, or for double protection, I want to try to configure the firewall to block all outgoing DNS traffic, except to the OpenDNS servers. This way even if users set their computer to use another DNS server, the firewall will stop the communication; it will only allow web browsing when OpenDNS is being used.

My underlying objective is to block users from being able to access Port 53 of any IP address, except the IP addresses of the OpenDNS services, which are 208.67.222.222 and 208.67.220.220.

Is there a way of doing this in the DFL-800?  If so, how do I go about configuring this?

Thanks
Derek

[chechito]

firewall works from the basis of any traffic its allowed, in other words all traffic its blocked unless you permit it with a rule.

you can forbid dns (udp 53) traffic to any server on the internet except opendns servers

optionally you can redirect any dns (udp 53) traffic going from your lan to any direction on the internet to the open dns ip address

[derek_gruending]

Hi, thanks for your reply.

Are you saying that port 53 will be blocked by default unless I manually open it?  Or do I need to create an IP rule of some sort to block it?

Thanks again,
Derek

[chechito]

yes all blocked except the cortesy rules coming with firewall

and aditionally the rules for outgoing trafic to the internet will be NAT type to translate local addresses to the wan public address