
Firewall rule - block inbound hack attempts

I am trying to sort out the best option to stop hack attempts. Right now I have two radios being hit with attacks. These are login attempts all coming from one country. Trying to sort out a rule I could apply to the device. 

 

Here is the layout...

 

These two radios are not configured correctly. I cannot change them right now... they need a hands-on touch and I don't have anyone in that area for a few days. Trying to sort out a remote option I can apply.

 

Would like to apply a rule to the core router to block all outside traffic from coming in except for VPN connections and those connections to the hosted UNMS and UCRM servers. Same thing for the CPEs... need to insert a rule in their firewall rules to block inbound traffic. 

 

Right now, the CPEs are on a management VLAN and client devices have public IPs. These two, however, are set up wrong and have public IPs in the CPE. This will be changed but can't happen for a few days. Trying to protect as much as possible in the meantime. 

 

I don't want to block them from legit connections, like me coming in from the VPN into the network so they need to accept 10.x.x.x essentially. 

 

Thoughts? 

---------------------
Alex Wilson
Owner
Collabsion, Inc.
www.collabsion.com


Accepted Solutions
Ubiquiti Employee

Re: Firewall rule - block inbound hack attempts

If you are looking to restrict management access on airMAX AC radios in router mode, on the Network tab, you can enable the IP/CIDR ACL to restrict access to HTTP/HTTPS/SSH by IP/Subnet.

 

For airMAX M devices, you can manually restrict inbound access to management interfaces.  Please see THIS guide.  

Ubiquiti Networks airMAX Support Team
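
Added example, not part of the original thread and not Ubiquiti code: a pre-flight check to run before enabling an IP/CIDR ACL on a radio nobody can reach on site, confirming the VPN range stays in and the observed login sources stay out. It assumes the ACL behaves as an allowlist for SSH/HTTP/HTTPS only; the function names and the sample addresses are constructed for illustration.

```python
import ipaddress

# Services the reply says the IP/CIDR ACL restricts: SSH, HTTP, HTTPS.
MGMT_PORTS = {22, 80, 443}


def parse_acl(entries):
    """Turn IP or CIDR strings into networks; a bare IP becomes a single-host network.

    Raises ValueError on a malformed entry or on host bits set (e.g. 10.8.0.6/8),
    which usually indicates a typo in the ACL.
    """
    return [ipaddress.ip_network(e.strip()) for e in entries]


def acl_allows(acl, src, dport):
    """Assumed semantics: management ports accept only listed sources;
    ports outside MGMT_PORTS are not touched by this ACL."""
    if dport not in MGMT_PORTS:
        return True
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in acl)


def preflight(acl_entries, admin_sources, attack_sources):
    """Evaluate a candidate ACL against known-good and known-bad source addresses."""
    acl = parse_acl(acl_entries)
    return {
        # Admin addresses that would lose SSH/HTTP/HTTPS: fix before applying.
        "locked_out": [s for s in admin_sources if not acl_allows(acl, s, 22)],
        # Observed login sources the ACL would still let through.
        "still_open": [s for s in attack_sources if acl_allows(acl, s, 22)],
    }


if __name__ == "__main__":
    # Constructed sample data (private and documentation ranges), not from the thread.
    candidate = ["10.0.0.0/8"]                    # "accept 10.x.x.x" from the question
    admins = ["10.8.0.6", "192.168.1.20"]         # VPN client, plus a LAN host not on the VPN
    attackers = ["203.0.113.45", "198.51.100.7"]  # sources seen in failed logins
    print(preflight(candidate, admins, attackers))
```

Apply the ACL only when `locked_out` is empty for every address you manage from and `still_open` is empty for the sources in your logs.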


