[Coop88]

Hello,

Is the firewall built in to this modem/router really necessary? I ask because in order to use VPN on my laptop (wireless) I must first turn the firewall off to connect to the office. I also need to turn the firewall off to play a game on my PC (wired). I have been to Port Forward.com and followed instructions there with no success. Since I always have to restart the modem/router to disable the firewall, I'm thinking about just leaving it off. My manual says when the firewall is off, it revertes to NAT (whatever that is). I also use ZoneAlarm on my PC, and McAfee on the laptop (laptop provided by work, no options to change anything there). If I leave the firewall disabled, am I leaving myself at risk for attack?

Thanks for reading.

[Advertisements]

hi coop,

If the router allows it you can set up Port forwarding for the VPN or set the laptop in the DMZ in the router firewall settings, The DMZ will open all ports to the laptop. Your IT guys will no which ports to forward.

I personally think turning off the router firewall takes away one layer of protection that is needed and not advisable in most cases

[silverbeard]

hi coop,

If the router allows it you can set up Port forwarding for the VPN or set the laptop in the DMZ in the router firewall settings, The DMZ will open all ports to the laptop. Your IT guys will no which ports to forward.

I personally think turning off the router firewall takes away one layer of protection that is needed and not advisable in most cases

[Coop88]

I have the list of ports that need to be open for VPN (and the game). It seems even using port forwarding the only way to connect is to turn the firewall off. But if turning the firewall off reduces my security, then I'll need to find an alternative. Any suggestions?

Edit: Allow me to clarify- using port forwarding on the router I still cannot connect to an on online game on my PC, and the laptop will not connect at all (wireless). However, if I do NOT use port forwarding and just turn the firewall off, both the laptop VPN program and PC game work.

2nd Edit: Just reread the reply above, if DMZ opens all ports to the laptop how is that different than turning the firewall off?

Edited by Coop88, 15 October 2006 - 12:28 PM.

[silverbeard]

It is the same thing. I was just concerned about your other PC. Your work laptop, to me. would be the worry and responsibility of your IT department. I would be concerned with my personal equipment, which is why I sugested forwarding the DMZ for the laptop.

[Coop88]

I know it's been awhile...but I set my laptop's IP address as the host for DMZ in my router. I still cannot connect with VPN unless I disable the router firewall. I checked the IP address on the laptop by going to start, cmd, ipconfig\all. I entered that IP address into the DMZ host field in the router setup screen. Am I missing a step here? It seems my router is somehow special and none of the advice I have recieved applies to it? Don't get me wrong, I appreciate the advice. Is it normally this hard to change settings in a router? Perhaps I should just use my existing box as a modem only and use a router from a different manufacturer? It appears my options for support from Actiontec are to call my ISP (who has NEVER been able to answer my questions in the past) or pay Actiontec $30 an hour to have them help me set up my network. My gut tells me it shouldn't be this hard, but I simply lack the knowledge/experience to know what my next step should be. My IT dept from work won't assist, as the modem/router is not their problem. What is the point of having a router if the firewall must be disabled? I am open to any suggestions at this point. Sorry for the rant, this is frustrating.

[dsenette]

just incase it's helpfull here's the manual for this gateway (it's an adsl gateway right?) http://www.actiontec...nd/gt704-wg.pdf page 47 is about the aplication layer gateway and port forwarding....which i'm sure you've looked at...did y ou do the port forwarding manually? or were you able to use the aplication layer method within the device? (as it allows you to actually pick specific types of apps and it will configure it on it's own from there)

[Coop88]

Thank you for the response. I already have the user manual for the device, as it was the first place I looked for information. Thanks anyway for the link. This device has no option for an application layer method--even though it is listed in the user manual. It simply is not an option in the menu, trust me. I suppose the solution to my problem is to simply turn off the firewall to the router. It may not be as secure as it could be, but at least my programs will work.

[pip22]

If it's any consolation Coop88, I also run my router with it's firewall disabled but with a good software firewall (Outpost Pro) as an alternative which is also more configurable and gives me more info about what's happening. I sometimes get slow or no connectivity with router firewall running at same time so it's disabled. I don't feel insecure at all like this, Outpost Pro is regarded as one of the best.

[dsenette]

i wonder (because i don't like books telling me something exists and then physically seeing that it doesn't) if the aplication firewall....reqires a firmware upgrade?

[Coop88]

I had considered upgrading the firmware until I went to the Actiontec website and found the date of the firmware upgrade was 7/22/05. I purchased the router in June of 06. I thought my router would already have the newest firmware, since it was purchased a year after the newest firmware upgrade. Should I try it anyway? Here is the link: http://www.actiontec...rm_updates.html. I did NOT purchase from my ISP. Thanks for reading.

[pip22]

Well the purchase date is not necessarily a true guide of the firmware date (unless there's a manufacturing date on the label), as it (the router) could have been old stock lying on the shelf for any amount of time. A check on the website against the actual firmware in the router is the way to go.

Edited by pip22, 01 November 2006 - 03:46 AM.

[Coop88]

After updating the firmware, the Actiontec gateway ceased to operate. Yes, I read the website and made sure the model number was correct, etc. The modem will light up, but I am unable to access it when I type in the web address. I ordered a replacement modem, and have internet access again. Router will be a D-Link DGL 4300. As soon as I figure out why it's not connecting, I should be all set. Thanks again.