
Routers block out RPC by default?

elzmaddy

Senior member
I looked at my Netgear gateway's filter set, and there were no explicit filters regarding ports 135, 4444, 69, etc. -- only ports 21, 23, 137-139, 80 were blocked (UDP/TCP). I did however create a filter set for all the RPC-related ports. So my question: since there is no explicit rule to forward these ports, do routers, without any additional configuration, block out incoming RPC requests?
 
I see. Are most routers configured by default with a rule to block the port, or does this happen just because they don't know where to forward it?
 
That's a good question. I'm not sure about that myself, but I think the ports like 135 get blocked because the router doesn't know where to forward it. It won't know until you turn on port forwarding.
 
Originally posted by: STaSh
A firewall should always be configured to drop everything. You then open the ports you need.

Yea, most firewalls will block all WAN->LAN traffic except the ports you specify; however, they will usually allow all LAN->WAN traffic through regardless of port, due to dynamic ports.
 
Yeah I know, I probably should've made that more clear. But the original post asked if routers block incoming RPC by default.
 
All NAT devices will block all unsolicited incoming traffic by default. This is how NAT can be considered a firewall. To get around this you can either open selected ports so you can run various web services (www & ftp) or you can put a PC in the DMZ. So, unless you specifically open the port or your PC is in the DMZ you will be fine.
 
On a Cisco router, if you place an access list on an interface, the implicit deny order is in effect. You must then open up what you want to let in or out.
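
The default-drop behaviour described in the replies above, as an added example that is not part of the original thread: a simplified Python model of a NAT gateway's inbound decision. The class, the addresses and every port other than 135 and 80 are constructed, and it assumes strict (address-and-port-dependent) filtering, which not every consumer router uses.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class NatGateway:
    """Hypothetical model: session table, port forwards, optional DMZ host."""
    forwards: dict = field(default_factory=dict)  # (proto, wan_port) -> (lan_ip, lan_port)
    sessions: dict = field(default_factory=dict)  # (proto, wan_port, rip, rport) -> (lan_ip, lan_port)
    dmz_host: Optional[str] = None
    next_port: int = 40000

    def outbound(self, proto, lan_ip, lan_port, remote_ip, remote_port):
        """LAN->WAN is allowed and records a mapping so replies can come back."""
        wan_port = self.next_port
        self.next_port += 1
        self.sessions[(proto, wan_port, remote_ip, remote_port)] = (lan_ip, lan_port)
        return wan_port

    def inbound(self, proto, wan_port, remote_ip, remote_port):
        """WAN->LAN: return (verdict, target). No match means there is nowhere to send it."""
        key = (proto, wan_port, remote_ip, remote_port)
        if key in self.sessions:                      # reply to a LAN-initiated flow
            return ("reply", self.sessions[key])
        if (proto, wan_port) in self.forwards:        # explicit port forward
            return ("forwarded", self.forwards[(proto, wan_port)])
        if self.dmz_host:                             # DMZ host receives everything else
            return ("dmz", (self.dmz_host, wan_port))
        return ("dropped", None)                      # unsolicited, no rule needed


def demo():
    gw = NatGateway()
    out = {"rpc_default": gw.inbound("tcp", 135, "203.0.113.9", 51000)}
    p = gw.outbound("tcp", "192.168.0.10", 50123, "198.51.100.7", 443)
    out["reply"] = gw.inbound("tcp", p, "198.51.100.7", 443)
    out["stranger_same_port"] = gw.inbound("tcp", p, "203.0.113.9", 443)
    gw.forwards[("tcp", 80)] = ("192.168.0.20", 80)   # open only the web server
    out["www"] = gw.inbound("tcp", 80, "203.0.113.9", 51001)
    out["rpc_with_forward"] = gw.inbound("tcp", 135, "203.0.113.9", 51002)
    gw.dmz_host = "192.168.0.30"                      # DMZ exposes every unmapped port
    out["rpc_with_dmz"] = gw.inbound("tcp", 135, "203.0.113.9", 51003)
    return out


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:20} {verdict}")
```

Port 135 is dropped without any filter entry, stays dropped when only port 80 is forwarded, and becomes reachable once a DMZ host is set.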

 