Firewall Configuration

From FON Wiki Beta

This page will help you to personalize the firewall settings of your Fonera 2.0. You can reach the menu described on the following page from the Settings menu of your Fonera 2.0. Click on the Firewall icon:

Contents 1 Access Policy Configuration 2 Port Forwarding Menu 3 UPnP Configuration 4 Application Menu

Access Policy Configuration

This page allows configure the access policies between your different networks:

• Public: Is the public wireless signal of the Fonera.
• Private: Is the private wireless signal of the Fonera, as well as its LAN ports.
• WAN: Is the Internet port of the Fonera, the one connected to a broadband modem or router.

Port Forwarding Menu

From this page you can configure your port forwarding rules. It allows to redirect the traffic coming on the WAN Interface (Internet port of the Fonera) to a specific IP of a computer connected to the Fonera.

• Protocol: TCP, UDP or TCP and UDP. Check the documentation of the software you need to forward a port for to know which protocol it uses.
• Source Port: Number of the port. eg: 80 if you are running a webserver behind the Fonera.
• IP: The IP of the computer hosting the software which need a port redirection.
• Target Port: Number of the port on which the services is running on the target computer. eg: 80 if you are running a webserver.

If your Fonera is plugged to a router and the traffic that you want to redirect is coming from the Internet, you have as well to redirect the port from your router to the WAN IP of the Fonera so it finally reaches targeted computer.

UPnP Configuration

UPnP is enabled by default. The UPnP Protocol allows computers (or gadgets) connected to the private signal or to LAN ports of the Fonera to open and forward the ports they need to work properly.

Note: Configuration of your broadband router might be needed if the softwares need ports open from the internet and not just from the WAN port of the Fonera.

Application Menu

This page allows to enable or disable the access from WAN to the different applications available in the Fonera. That is to say: the access to specific services from computers that are not connected directly to the Fonera. These computers might be connected to your broadband router or even to different Internet access outside of your home (configuration of your broadband router might be needed in that case).

For example: If you enable access to 'Torrent' from WAN, you will be able to control Transmission torrent client from a computer plugged to your broadband router typing: http://IP.OF.WAN.PORT.OF.THE.FONERA:9091 (eg: http://192.168.1.133:9091).

• WebGUI access from WAN allows access to https://WAN.PORT.IP.OF.THE.FONERA and not to http://WAN.PORT.IP.OF.THE.FONERA. Username is 'fonero' and cannot be changed, the password is your general password (default: 'admin')
• SSH access from WAN will only be enabled if your password is complex enough. A password of at least 8 characters, including at least 1 number is compulsory.

Note: To access the different applications available in the Fonera from the Internet, you will have to configure the DDNS Service.