NAT router configuration

Re: NAT routers

Maybe I should open another thread re NAT. I am on DSL and am behind a NAT. My router has the option of additional security settings. However, I do not consider myself competent to do that. I am using LnS firewall, and I am somewhat afraid that if I set up the hardware firewall in my router I may bite off more than I can chew.

Is the NAT pretty secure in line with the software firewall?

Thanks,
Jerry

 

Re: NAT routers

Hi jerry most of us in here use the Logic of using Layers of Protection and using the additional settings in your router is a good Start!!
As I use a Linksys Router myself and all the Different Security Software I use Just in case one fails for no reason the others will pick up the slack!!

Cheers,

dagolag

 

Re: NAT routers

I have split your post off into it's own thread.

What type of additional settings does it offer? We may be able to help here or point you in the right direction if you should choose to explore it's configuration options.

NAT by virture of how it works affords you good protection from unsolicited inbound traffic providing you are not doing any port forwarding. By default NAT permits all outbound from the LAN. Using a software firewall on systems behind the router allows you to restrict what applications can access the network/Internet and provides additional control for those that want this extra layer of security.

Regards,

CrazyM

 

My router is an Actiontec.
It provides a NAT and three levels of firewall security.
At the highest level the service ports are

http port 80 in no out yes
dns 53 in no out yes
ftp 21 no no
telnet 23 no yes
smtp 25 no yes
pop3 110 no yes
nntp 119 no no
real audio/video 7070 no yes
icmp n/a no yes
H323 1720 no no
T.120 1503 no no
SSH 22 no no

for medium security the ports are the same except that all IN are no except real audio/video and port 7070 is yes. The OUT for that is no and all others are yes for the OUT.

for the low security level IN for ports 80, 21, 23, 25, 110, 119, are all NO. Other INs are yes.
all OUTbounds are yes ecept 7070 which is no.

I hope this makes sense. It does not to me. That is why I have left it a default which is NAT.

Jerry

 

Hi Jerry

Does it allow you to modify the existing leveles or create your own?

Regards,

CrazyM

 

I don't know. I assume that the settings that it gives, that I posted, are the only options. I have lost the CD for it, and am having a friend make a copy for me. He has the same kind.

Sorry that I cannot answer your question, but I am way over my head in this stuff.That is the reason that I have not tried to do anything with it. I do no high risk surfing.

Jerry