Firewall/Rules

  • Check the firewall log for blocked connections from the LAN (Status > System Logs, Firewall tab)
    • If blocks are observed, check the rule that blocked and adjust rules accordingly (Firewall > Rules, LAN tab)
  • Check that the LAN rule allows all protocols, or at least TCP and UDP ports for reaching DNS and HTTP/HTTPS, and allows ICMP for testing. (Firewall > Rules, LAN tab)
    • Not allowing UDP would make DNS fail, among other things. Similarly, on a DNS rule, using UDP only and not TCP/UDP will cause larger queries to fail.
    • Not allowing ICMP would cause ping to fail, but other protocols may work
    • Not allowing TCP would cause HTTP, HTTPS, and other protocols to fail.
  • Check that the LAN rule allows to a destination of any (Firewall > Rules, LAN tab)
    • Traffic going to the Internet will need an “any” destination. Using the wrong destination would not allow traffic to reach the Internet (e.g. “WAN net” which is only the subnet of the WAN interface, NOT the Internet.)
  • Check that the LAN rule does not have an improper gateway set (Firewall > Rules, LAN tab)
    • If it is set to leave by some other (possibly broken) non-WAN gateway it would cause the connections to fail
© Copyright 2025 . All Rights Reserved. AZTCO-FW| Developed By AZTCO-FW. Powered by AZTCO.