I just received my new Fibre + Gateway 2.0 modem and was trying to setup the firewall. On my old modem, I could block specific ports but I can't find anything on this modem that allows me to do that. Is there no way to block specific ports (udp/tcp, incoming and outgoing) on this modem?
Thanks.
@drathnow -- on the Shaw app, you should be able to access "advanced settings" to configure the port-forwarding.
@mdk I don't think you read my message correctly. I'm not trying to setup port forwarding. I'm trying to setup the firewall to BLOCK ports. That is, stop UDP/TCP traffic to or from these ports from even passing through the firewall.
@drathnow -- the opposite of "port-forwarding" is "port-blocking".
By default, does the BlueCurve's firewall allow any "incoming" TCP/UDP traffic to reach any of your LAN-side computers? No. That would be a "security-flaw".
So, please be specific about what ports you are trying to block.
@mdk why should it matter what ports I want to block? Regardless, I’m not interested in blocking incoming traffic—at least not now, I’m interested in blocking outgoing traffic on specific TCP and UDP ports. One in particular is UPNP (TCP 5000 and UDP 1900) but there are a couple of others. How can I block outbound traffic on these ports?
@drathnow -- all the commercial "Internet Security" bundles (ZoneAlarm, McAfee, Norton) include a firewall that will block outgoing traffic, unless you "allow" an app to use a port. To contrast, the built-in Windows Firewall blocks all "unsolicited" incoming traffic, unless you do some port-forwarding.
If you are a Shaw customer, McAfee Internet Security is a free(!) app: https://my.shaw.ca/services/internet
Also, see:
when you want to enable/disable UPNP.
@rstra Since you seem to know the router menus so well, can you please tell me where in Firewall menu--on the Fibre + Gateway 2.0 Router--I can BLOCK PORTS. Just in case you didn't read my original question, I'll reiterate that I'm NOT interested in PORT FORWARDING. I want to know how to BLOCK (or unblock) specific outgoing UDP or TCP ports AT THE ROUTER.
@mdk Please take some time to learn a little more about UPNP and the dangers the protocol poses to home network, especially ones with many smart devices. The protocol is potentially dangerous to unprotected networks and I'm frankly shocked that Shaw does not provide more information about their firewall so people can be confident their network is truly protected from attacks that can result from this protocol. By default Windows machines do not broadcast UPNP, unless specifically enables. I have not enabled it on any of the Windows workstations in my home network. The protocol is used by smart devices like web cameras, smart door bells, smart lights, etc. These device do not have any firewall settings and, more importantly, there is no way to turn off the protocol. Also, and this is the important point, blocking ports for the reason I'm trying to block them should not require me to run around to my devices and change firewall settings or any other settings for that matter. I should be able to do this at my single access point to the Internet that supposidly has a Firewall. In fact, I could do this with my previous Bluecurve modem but for some reason, Shaw has decided to eliminate this feature from the new Fibre + Gateway modem, or at least they have placed the feature somewhere that I, nor their own technical people, can find. What's worse, they provide no documentation to tell me if what, IF ANY, outgoing protocols are blocked.
@drathnow -- Please take some time to learn a little more about UPNP
It is not polite to "shoot the messenger" who volunteers to try to help on this discussion forum.
You did not say whether you had just one Windows computer, or whether you were seeking a solution for all the devices on your own LAN.
Which "BlueCurve" modem did you previously have? XB6? XB7?
One possible method is to reset the Shaw cable-modem to "pass-through" 100% of the traffic to a third-party router of your own choice that you may have purchased. Connect all your (wired/wireless) devices to that router, and use that router to block/allow outgoing traffic. Thus, the Shaw device is strictly a "modulator-demodulator", not an WiFi access-point nor a multii-port "switch" for your wired devices.
@drathnow Open a browser and go to 10.0.0.1, click Gateway, then click Firewall and ipv4 or ipv6. There you will see Firewall Security Level, there are a few options that will allow you to only allow certain lan to wan activity.