Default Firewall configuration in Gargoyle
Posted: Wed Nov 24, 2010 6:10 am
It seems default Firewall configuration in Gargoyle doesn't work.
For example see this post WR1043ND - no routing or packet forwarding LAN->WAN ?
If you use Gargoyle just as Access Point or in AP+WDS mode, and specify another host as Gateway for your LAN, this would not affect you.
But if you want to use Gargoyle router as Router, with Firewall (enabled), and WAN port for Internet connectivity, there is a problem.
According to my test, this affects setup with either StaticIP or PPPoE for WAN interface.
I can ping external site (provider's web site, http://www.google.com) from ssh session (CLI) connected to router.
But if I try to ping same host from PC connected to router (via Ethernet cable), ping is not coming through.
So it seems firewall rejects connections from LAN (in its default configuration).
All QoS settings are set as default (not touched them, so they are disabled)
I partially overcome this by adding All Hosts, All days to White list
(added one rule).
After it I can ping http://www.google.com and other sites.
But ping remains unstable, 1 or 2 pings out of 10 can be lost.
If you try to open some web site in browser, it opens very slowly and sometimes I get timeouts.
Therefor something is still wrong in setup.
Does some one has it working?
What are your settings? (and type of WAN connection)
I also considered turning firewall completely off. At least for testing purposes. But there is no such an option in User Interface.
Please consider adding such option to Gargoyle web UI.
I am concerned that this problem - if not fixed- can affect new users, as they would not get Gargoyle working out-of-the-box.
For example see this post WR1043ND - no routing or packet forwarding LAN->WAN ?
If you use Gargoyle just as Access Point or in AP+WDS mode, and specify another host as Gateway for your LAN, this would not affect you.
But if you want to use Gargoyle router as Router, with Firewall (enabled), and WAN port for Internet connectivity, there is a problem.
According to my test, this affects setup with either StaticIP or PPPoE for WAN interface.
I can ping external site (provider's web site, http://www.google.com) from ssh session (CLI) connected to router.
But if I try to ping same host from PC connected to router (via Ethernet cable), ping is not coming through.
So it seems firewall rejects connections from LAN (in its default configuration).
All QoS settings are set as default (not touched them, so they are disabled)
I partially overcome this by adding All Hosts, All days to White list
(added one rule).
After it I can ping http://www.google.com and other sites.
But ping remains unstable, 1 or 2 pings out of 10 can be lost.
If you try to open some web site in browser, it opens very slowly and sometimes I get timeouts.
Therefor something is still wrong in setup.
Does some one has it working?
What are your settings? (and type of WAN connection)
I also considered turning firewall completely off. At least for testing purposes. But there is no such an option in User Interface.
Please consider adding such option to Gargoyle web UI.
I am concerned that this problem - if not fixed- can affect new users, as they would not get Gargoyle working out-of-the-box.