Business Community > Business Routers (Standalone) > ER605 - no firewall? (latest firmware everywhere)
< Business Routers (Standalone)

ER605 - no firewall? (latest firmware everywhere)

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

ER605 - no firewall? (latest firmware everywhere)

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
ER605 - no firewall? (latest firmware everywhere)
ER605 - no firewall? (latest firmware everywhere)
2021-05-11 16:16:28 - last edited 2021-05-11 16:51:57
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.0.1

I'm confused here. I thought the ER605 was an edge-router. I just replace my Ubiquiti ER-X with this and it has <10% the capability. I got it adopted, reset my LAN to my preferred 10.50.1.1/24, coded all my fixed IPs, but "none" of the things I'd expect from a Router beyond DHCP seem to exist. Port-Forwarding (can't find it), Firewall (straight rejected). And when I test my port security from GRC's Shields Up the vast majority of ports are listening and just rejecting (aka, "closed" instead of "stealth"). I know closed is still safe, but stealth is preferred. I have a few home servers and can't even figure out how to open a port to it when desired.

 

After many hours playing, I'm planning to return this if I can't get it to be a router today. ... but I don't want to.

 

EDIT:

1) Port-Forwarding: I got the routing to work via the NAT screen, but now I'm limited by the list of source IPs. I need to put ~30 but cap'd at ~5.

2) Closed-Ports: by limiting DHCP to 100-250, and setting up a DMZ to x.x.x.254 I was able to 'stealth' a lot of ports, but things like FTP / SSH / TELNET / UPnP are still there, all be it 'closed'. These are the exact ports I would want to be fully stealth and not reply at all.

 

 

 

  0      
 
  0      
 
#1
Options
4 Reply
Re:ER605 - no firewall? (latest firmware everywhere)
2021-05-12 03:17:31

@MikeL_c8en3f3 

 

I am running the ER605 and have no issues with ports being seen external to the network. Make sure you are setting the Packet Anomaly Defense, I just enabled all of them, settings under network security>attack defense. I also disabled ALGs under the Transmission>NAT>ALG settings. I left IPsec alg and PPTP alg enabled.

 

 

  0  
  0  
#2
Options
Re:ER605 - no firewall? (latest firmware everywhere)
2021-05-12 04:00:25
Thanks ian_682 ... I ended up reverting already to my ER-X as the ER605 was just not cutting it for me. Maybe in standalone mode, but it was flaky and Omada even kept reporting it as down. Every 2-3 hours on average. I reset it to standalone/stock and it didn't work at all, mainly because my Omada was all set to 10.50.1.1/24 and the ER605 would only come up in 192.168.0.1/24 and because a real nuisance. I factory reset the ER-X, set it to my desired 10.50.1.1/24, setup a couple other things (ex: static IPs), then swapped out the ER605 and like magic everything works again. And I'm "true stealth" every where except my 443 port again (once I open it). Too bad. It "seemed" like a solid device. But it just didn't work to expectation as part of the Omada SDN. Which was the whole point of getting it. I also felt that once integrated with Omada I lost what looked like 75% of the features of when it was standalone.
  0  
  0  
#3
Options
Re:ER605 - no firewall? (latest firmware everywhere)
2021-05-28 23:43:36

@ian_682 Are you saying that shields up returns stealth for all your ports?  Mine is showing all visible even on the newest 1.1 firmware.

  0  
  0  
#4
Options
Re:ER605 - no firewall? (latest firmware everywhere)
2021-05-29 02:04:39 - last edited 2021-05-29 02:05:37

With my ER-X, yes. full stealth. With my ER-605, nowhere near stealth. https://ibb.co/NywycqM

 

  0  
  0  
#5
Options

Information

Helpful: 0

Views: 10

Replies: 0

About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.