Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




10 posts

Wannabe Geek


# 181317 10-Oct-2015 15:16
Send private message

I'm trying to set up the firewall on my router, but boy its a complicated little monster. I'm pretty comfortable working on the router, but I'm not a network engineer. Can anyone point me in the right direction on how to configure the firewall. I want to create a custom firewall rule to block google's DNS servers recently the netflix app on my android devices has been a little flakey about connecting.

Create new topic
4273 posts

Uber Geek


  # 1403531 10-Oct-2015 15:37
Send private message

No need to muck around with the firewall. Simplest option is to create a static route.

On the NF4V you just specify the ip address and subnet (you want 8.8.8.8/32 & 8.8.4.4/32), the tell it to go to the LAN interface (rather than the PPP interface) and put in a random IP address for the gateway - just needs to be in your LAN range otherwise the stupid router doesn't like it.

5 posts

Wannabe Geek


  # 1440915 5-Dec-2015 10:43
Send private message

Any luck with the static routes? They work for my chrome cast but they stop my android netflix apps playing locally as (from what i have read) they require the ip 8.8.8.8 accessible. So can either watch region free on my android devices or on my chrome casts but not both. I have been trying to get a fire wall rule working but, like you, i am no network engineer. It always allows the ping test through. 

I'm on a fibre connection.

I have applied static ips to my androids, chrome casts, and my main pc by mac address. Added a firewall and set two rules for my pc as this is the easiest for me to test if a rule works or not, i think ... could be wrong. 

Any suggestions?


 
 
 
 




10 posts

Wannabe Geek


  # 1440917 5-Dec-2015 10:50
Send private message

The Netflix app only works some of the times, its a real pain. It used to work perfectly, now I pretty much have to use my PC with the chromecast extension to watch netflix on TV.

855 posts

Ultimate Geek

Trusted
Subscriber

  # 1440930 5-Dec-2015 11:43
One person supports this post
Send private message

I have previously shared my quite nicely working setup in another thread:

http://www.geekzone.co.nz/forums.asp?forumid=151&topicid=179390

5 posts

Wannabe Geek


  # 1441044 5-Dec-2015 16:00
Send private message

Hey jamesrt, that was helpful. I'm not sure if you fully understood the problem though. I still needed my androids to be able to access 8.8.8.8 and 8.8.4.4.

Here's what i ended up with:

Click to see full size

192.168.20.201 and 202 are my chromecasts with static ips assigned. It appears that the mask was my issue. 255.255.255.255 was the key instead of my subnet mask of 255.255.255.0.

To test it i...
Turned off the orcon white and the fibre box,
turned off the wifi on my xperia z2 and nexus 7,
deleted the data for netflix on both of androids,
Turned on the orcon white and the fibre box,
turned on the wifi on the androids,
opened netflix and signed in (on the xperia it failed to sign in first go, but i just hit retry (or whatever the button is!),
played locally then cast to each chrome cast in turn which each android.



855 posts

Ultimate Geek

Trusted
Subscriber

  # 1441055 5-Dec-2015 16:53
One person supports this post
Send private message

SSkinny: I'm not sure if you fully understood the problem though. I still needed my androids to be able to access 8.8.8.8 and 8.8.4.4.

Sorry; skim-read the question and didn't notice that detail.
SSkinny: It appears that the mask was my issue. 255.255.255.255 was the key instead of my subnet mask of 255.255.255.0.

Yeah, if you're trying to blacklist a remote host, you need 255.255.255.255 as the mask, as that indicates a single host; rather that a "subnet" of hosts (which is what 255.255.255.0 indicates).


5 posts

Wannabe Geek


  # 1441058 5-Dec-2015 17:03
Send private message

Cheers again James, you solved my issues and enlightened me a bit more.

 
 
 
 




10 posts

Wannabe Geek


  # 1441249 6-Dec-2015 09:04
Send private message

Does this mean I can remove all the static routes that I were using instead?

855 posts

Ultimate Geek

Trusted
Subscriber

  # 1441259 6-Dec-2015 09:48
Send private message

WildQwerty: Does this mean I can remove all the static routes that I were using instead?

If you're using a FW rule to block the traffic, then you shouldn't need static routes as well.

I don't have any static routes set in my router; only the firewall rules I showed in the link above.  I use "DNS4ME", and all devices in the house (mixture of iPhone, Mac, Windows, Android, plus a Chromecast) work fine, and give me the content as indicated by my DNS4ME region.



5 posts

Wannabe Geek


  # 1441264 6-Dec-2015 09:52
Send private message

I have no static routes set. Just the firewall rules. Just ensure you have a static ip assigned to the chromecasts so the rules will always work.

5 posts

Wannabe Geek


  # 1449582 13-Dec-2015 10:49
Send private message

Any luck wild?

Create new topic



Switch your broadband provider now - compare prices


Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Vodafone 5G service live in four cities
Posted 10-Dec-2019 08:30


Samsung Galaxy Fold now available in New Zealand
Posted 6-Dec-2019 00:01


NZ company oDocs awarded US$ 100,000 Dubai World Expo grant
Posted 5-Dec-2019 16:00


New Zealand Rugby Selects AWS-Powered Analytics for Deeper Game Insights
Posted 5-Dec-2019 11:33


IMAGR and Farro bring checkout-less supermarket shopping to New Zealand
Posted 5-Dec-2019 09:07


Wellington Airport becomes first 5G connected airport in the country
Posted 3-Dec-2019 08:42


MetService secures Al Jazeera as a new weather client
Posted 28-Nov-2019 09:40


NZ a top 10 connected nation with stage one of ultra-fast broadband roll-out completed
Posted 24-Nov-2019 14:15


Microsoft Translator understands te reo Māori
Posted 22-Nov-2019 08:46


Chorus to launch Hyperfibre service
Posted 18-Nov-2019 15:00


Microsoft launches first Experience Center worldwide for Asia Pacific in Singapore
Posted 13-Nov-2019 13:08


Disney+ comes to LG Smart TVs
Posted 13-Nov-2019 12:55


Spark launches new wireless broadband "Unplan Metro"
Posted 11-Nov-2019 08:19


Malwarebytes overhauls flagship product with new UI, faster engine and lighter footprint
Posted 6-Nov-2019 11:48


CarbonClick launches into Digital Marketplaces
Posted 6-Nov-2019 11:42



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.