Block access from outside LAN

Borromini · December 5, 2019, 1:55am

What hardware is this? I have read something about older TP-Links leaking connections during boot, before OpenWrt was fully up and running. Maybe something similar is at play here?

By default, the OpenWrt firewall blocks connections from the WAN unless they were established from within the LAN.

m4niacjp · December 5, 2019, 1:56am

It's a Netgear R7800 running on latest Snapshot.

Borromini · December 5, 2019, 1:59am

Could you try a 19.07 RC2 build to see of you can reproduce it? Backup your configuration in case you want to reflash master, but switch to 19.07 without keeping configs, then reconfigure.

erdoukki · December 5, 2019, 10:18am

have you set a DMZ in your Internet Provider BOX/services ?

trendy · December 5, 2019, 11:55am

Can you login or is it just the login screen leftover in the browser cache?
If you can login, take a backup of the configuration, reset to factory defaults, configure the minimal to connect to the internet and try browsing once again.

m4niacjp · December 6, 2019, 1:05am

I can't access my provider BOX/service.

m4niacjp · December 6, 2019, 1:05am

I can login and fully access the router.

m4niacjp · December 6, 2019, 1:05am

I will try later, as every time i upgrade i need to move the router next to my PC as wifi will be disabled by default.

bagus91 · May 26, 2020, 3:36pm

actually u can make custom config to make ur wifi enable by default
i need do custom config too
but still cant make it
maybe someone here could help

bagus91 · May 26, 2020, 3:37pm

what i know
by default u cant access your router from wan
i just flash my router and cant access my router from wan port

psherman · May 26, 2020, 7:22pm

@bagus91 - I answered in your other thread.

I will repeat the warning here because it is important:
It is a very bad idea to expose a freshly reset/flashed router's configuration (ssh and/or web) to the WAN in general, but even more so if there is no password configured (the default state after a reset or flash) .

lleachii · May 26, 2020, 7:27pm

Thank you for providing context via linking @bagus91's other thread...because I was confused when I saw "and cant access my router from wan port."

bagus91 · May 27, 2020, 2:21am

i already read that guide
what i need is sample custom config file
how it looks like
i wanna make sure before i do flash my router
coz if something wrong happens, i cant totally access my router in home because im abroad now.

psherman · May 27, 2020, 2:28am

If you don't have physical access to your router, don't update it. And most certainly do not try to update it with a firewall that will expose the router to the internet with ssh access (and no password). That is just asking for major issues.