  1. #1
    Senior Tech 100+ Posts
    Join Date
    Mar 2009
    Posts
    241
    Rep Power
    27

    Use a router as a kinda switch with a firewall to block traffic?

    I'm not sure if this is even possible but could you use a mini router to block all traffic except certain ports? Say if a machine was getting random traffic and it was causing problems could a mini router be used as a kind of filter?

    Screenshot_20210228-213830_Samsung Notes.jpg

    Where would you start? Does that even have a name?

  2. #2
    IT Manager 5,000+ Posts bsm2's Avatar
    Join Date
    Feb 2008
    Location
    Free Mississippi
    Posts
    8,609
    Rep Power
    116

    Re: Use a router as a kinda switch with a firewall to block traffic?

    Need more details on the problem

    Start with the easy stuff first: assign a new IP address to the copier.

  3. #3
    RTFM!! 2,500+ Posts allan's Avatar
    Join Date
    Apr 2010
    Location
    Centurion
    Posts
    4,460
    Rep Power
    100

    Re: Use a router as a kinda switch with a firewall to block traffic?

    Quote Originally Posted by fishleg View Post
    I'm not sure if this is even possible but could you use a mini router to block all traffic except certain ports? Say if a machine was getting random traffic and it was causing problems could a mini router be used as a kind of filter?

    Screenshot_20210228-213830_Samsung Notes.jpg

    Where would you start? Does that even have a name?

    What problems are you experiencing? Make and model of machine, if it's limited to that? The machine works on those ports and you would limit the function of it. You can always change the port numbers on both sides; for printing, for example, change it on the machine and in the driver.
    Whatever

  4. #4
    Senior Tech 100+ Posts
    Join Date
    Mar 2009
    Posts
    241
    Rep Power
    27

    Re: Use a router as a kinda switch with a firewall to block traffic?

    In 12 years I've only ever seen two machines that did this and both were a complete nightmare to solve. I think it's what they called broadcast traffic and it was overloading the machine, which would cause the machine to crash randomly every couple of hours. The 1st one was caused by HP laptops with dodgy network card drivers that made them resend packets constantly. The customer never noticed any other problem with their network and these laptops were mobile so wouldn't all be in the building at the same time. We used an old hub and a laptop connected to Wireshark to see what the poor copier was having to deal with.

    I've always been curious how routers etc work so was wondering if one could be used to troubleshoot a situation like that. So the router would act like a switch and just pass through to the copier but use the internal firewall of the router to only let through say port 9100 and nothing else.

  5. #5
    IT Manager 5,000+ Posts bsm2's Avatar
    Join Date
    Feb 2008
    Location
    Free Mississippi
    Posts
    8,609
    Rep Power
    116

    Re: Use a router as a kinda switch with a firewall to block traffic?

    Not normal
    but start it as a fresh install new ip new drivers

  6. #6
    Service Manager 2,500+ Posts

    BillyCarpenter's Avatar
    Join Date
    Aug 2020
    Location
    Long Beach, Mississippi
    Posts
    4,134
    Rep Power
    142

    Re: Use a router as a kinda switch with a firewall to block traffic?

    Quote Originally Posted by fishleg View Post
    I'm not sure if this is even possible but could you use a mini router to block all traffic except certain ports? Say if a machine was getting random traffic and it was causing problems could a mini router be used as a kind of filter?

    Screenshot_20210228-213830_Samsung Notes.jpg

    Where would you start? Does that even have a name?
    I don't think a simple router such as the one you describe is capable of blocking selective ports. At least I've never seen an option to do that. And even if you could, it may cause a ripple effect for other devices on the network. If your device is getting unwanted traffic and it's causing issues, I think the best solution is to use something like Wireshark and trace down the unwanted traffic and put a stop to it. Just my opinion.

    PS - A bad switch can cause unwanted traffic to an IP address because the IP/host table becomes corrupt. Try changing ports or change the switch itself.
    Last edited by BillyCarpenter; 03-01-2021 at 05:06 AM.

  7. #7
    Service Manager 2,500+ Posts

    BillyCarpenter's Avatar
    Join Date
    Aug 2020
    Location
    Long Beach, Mississippi
    Posts
    4,134
    Rep Power
    142

    Re: Use a router as a kinda switch with a firewall to block traffic?

    Also, it's possible you could have a network "loop" because of a bad routing table. This is a pretty good article on loops:




    Network loops and loop avoidance

    Published on September 15, 2019




    Experience in Wireless, Routing, Switching ,Customer support, Network planning, Troubleshooting,DNS,HTTP,Streaming,CDN


    Do you know what a network loop is? Have you ever had a network loop in your LAN? So what happens when there is a loop in your network?
    First, let's look at what a network loop means?

    A network loop occurs when a network has more than one active path carrying information from the same source to the same destination. The information loops and amplifies itself using the additional path instead of stopping when it reaches its destination. Network loops might cause a slow, irregular Internet connection or network failure.

    A network loop is a network configuration where there is more than one path between two computers or devices, which causes packets to be constantly repeated. This is due to the fact that a hub will blindly transmit everything it receives to all connections - other devices, such as switches and routers, might be able to reduce or eliminate this problem.

    When working with medium to large scale networks, IT departments are often faced dealing with network loops and broadcast storms that are caused by user error, faulty network devices or incorrect configuration of network equipment. Network loops and broadcast storms are capable of causing major network disruptions and therefore must be dealt with very quickly.

    There are two kinds of network loops and these are routing loops and physical loops.

    A routing loop is a situation where a packet keeps getting routed between two or more routers because of problems in the routing table. In case of distance vector protocols, the fact that these protocols route by rumor and have a slow convergence time can cause routing loops. A routing loop is a common problem with various types of networks, particularly computer networks. They are formed when an error occurs in the operation of the routing algorithm, and as a result, in a group of nodes, the path to a particular destination forms a loop.

    Physical loop is caused by a loop link between devices. A common example is two switches with two active Ethernet links between them. Broadcast packets exiting the links on one switch are replicated and sent back from the other switch. This is also known as a broadcast storm. A switching loop or bridge loop occurs in computer networks when there is more than one Layer 2 (OSI model) path between two endpoints (e.g. multiple connections between two network switches or two ports on the same switch connected to each other).


    Rest of article:


    https://www.linkedin.com/pulse/network-loops-loop-avoidance-priyanka-kumari



  8. #8
    Retired 10,000+ Posts slimslob's Avatar
    Join Date
    May 2013
    Location
    Bakersfield, CA
    Posts
    14,077
    Rep Power
    374

    Re: Use a router as a kinda switch with a firewall to block traffic?

    Quote Originally Posted by BillyCarpenter View Post
    I don't think a simple router such as the one you describe is capable of blocking selective ports. At least I've never seen an option to do that. And even if you could, it may cause a ripple effect for other devices on the network. If your device is getting unwanted traffic and it's causing issues, I think the best solution is to use something like Wireshark and trace down the unwanted traffic and put a stop to it. Just my opinion.

    PS - A bad switch can cause unwanted traffic to an IP address because the IP/host table becomes corrupt. Try changing ports or change the switch itself.
    There are a number of routers that can do just that. There are also standalone firewalls that can be installed between the ISP modem and a router. Both types often require configuration out of the box to be functional. Very often out of the box they block everything. I have had to help customers that have purchased both types. Had to open port 80 just to use the internet. You have to determine exactly what ports the customer needs to use and open only those.

    It almost sounds like fishleg is either being hit with a DOS/DDOS attack or his computer is being used as a slave attacker in one.

  9. #9
    Service Manager 2,500+ Posts

    BillyCarpenter's Avatar
    Join Date
    Aug 2020
    Location
    Long Beach, Mississippi
    Posts
    4,134
    Rep Power
    142

    Re: Use a router as a kinda switch with a firewall to block traffic?

    Quote Originally Posted by slimslob View Post
    There are a number of routers that can do just that. There are also standalone firewalls that can be installed between the ISP modem and a router. Both types often require configuration out of the box to be functional. Very often out of the box they block everything. I have had to help customers that have purchased both types. Had to open port 80 just to use the internet. You have to determine exactly what ports the customer needs to use and open only those.

    It almost sounds like fishleg is either being hit with a DOS/DDOS attack or his computer is being used as a slave attacker in one.

    You're right. I had a total brain fart on that one. One downside I found to cramming so much information in a short amount of time is that I'm starting to forget some of it. If you don't use it, you lose it.


    I guess in theory his idea would work. Not entirely sure about that? I think he really needs to find the source of the unwanted traffic and eliminate it. That's where Wireshark would come in real handy. Before anyone says it, I know most companies won't allow it.

  10. #10
    Service Manager 1,000+ Posts rthonpm's Avatar
    Join Date
    Aug 2007
    Location
    Pennsyltucky
    Posts
    1,910
    Rep Power
    63

    Re: Use a router as a kinda switch with a firewall to block traffic?

    The better solution for this would be a VLAN on the switch port for the MFP that only allows the traffic needed for printing and the web interface (9100, 515, 80, or 443) and drops everything else. The customer would need a managed switch to do that but it's going to be a much better solution than trying to add a router, which serves a very different purpose.

    A lot of our customers are going the VLAN route since it can also be used from a management perspective to segment devices by their function and allows for a lot less traffic.
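
Added example, not part of any post in this thread: a small Python triage of captured Ethernet frames that ranks broadcast senders (the hub-and-Wireshark approach from post #4) and marks which TCP traffic to the copier would pass the port allow-list from post #10 (9100, 515, 80, 443). The MAC addresses, IP addresses, function names and sample frames are constructed for illustration.

```python
import struct
from collections import Counter

ALLOWED_TCP_PORTS = {9100, 515, 80, 443}  # ports named in post #10
BROADCAST = b"\xff" * 6
# Constructed, locally administered MACs (not from the thread)
COPIER, LAPTOP, PC = (bytes.fromhex(m) for m in
                      ("020000000001", "0200000000aa", "0200000000bb"))

def build_frame(dst, src, dport=None):
    """Build a constructed Ethernet frame: ARP-sized filler, or IPv4/TCP SYN."""
    if dport is None:
        return dst + src + struct.pack("!H", 0x0806) + b"\x00" * 28
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 50]))
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, 0x02, 8192, 0, 0)
    return dst + src + struct.pack("!H", 0x0800) + ip + tcp

def classify(frame):
    """Return (kind, detail): broadcast/src MAC, allowed/port, blocked/port, other."""
    dst, src = frame[0:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if dst == BROADCAST:
        return "broadcast", src.hex(":")
    if ethertype == 0x0800 and len(frame) >= 34 and frame[23] == 6:
        tcp_off = 14 + (frame[14] & 0x0F) * 4      # honour the IP header length
        if len(frame) >= tcp_off + 4:
            (dport,) = struct.unpack("!H", frame[tcp_off + 2:tcp_off + 4])
            return ("allowed" if dport in ALLOWED_TCP_PORTS else "blocked"), dport
    return "other", None

def summarize(frames):
    """Count verdicts and rank broadcast senders, loudest first."""
    verdicts, talkers = Counter(), Counter()
    for frame in frames:
        kind, detail = classify(frame)
        verdicts[kind] += 1
        if kind == "broadcast":
            talkers[detail] += 1
    return dict(verdicts), talkers.most_common()

# Constructed sample: one noisy laptop, one normal PC printing and probing port 23
SAMPLE = ([build_frame(BROADCAST, LAPTOP)] * 6 + [build_frame(BROADCAST, PC)]
          + [build_frame(COPIER, PC, 9100)] * 2 + [build_frame(COPIER, PC, 23)])

if __name__ == "__main__":
    verdicts, talkers = summarize(SAMPLE)
    print(verdicts)
    print(talkers)
```

The broadcast frames are counted separately because a TCP port allow-list alone says nothing about them; the sender ranking is what points at the device to fix.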
