Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless Reviews

Firewall

The FWAG borrows its Rules and Services firewall model from its sibling products to control all port usage in and out of the firewall. Figure 4 shows the Rule screen that summarizes both Inbound and Outbound Rules.

NETGEAR FWAG114: Firewall rules

Figure 4: Firewall Rules
(click on the image for a full-sized view)

Outbound Service rules (commonly known as Port Filters), are used to specify a range of ports, i.e. a service, that are either allowed or blocked from a range of LAN IP addresses to a range of WAN (Internet) IP addresses. Figure 5 shows a rule that will block access to RealAudio streams for all LAN users.

NETGEAR FWAG114 - Outbound Service rule
Figure 5: Outbound Service Rule
(click on the image for a full-sized view)

Inbound Services (usually known as Port Forwarding), have the same configuration features as Outbound Services, but are used to allow access to servers on your LAN that are behind the FWAG's firewall. Note that server "loopback" is supported for Inbound Services.

The FWAG comes with service definitions for commonly used services such as HTTP (Web), FTP, and others, which you can pick from a drop-down list. When you need a service that's not pre-defined, you can add it via the Custom Services screen, shown in Figure 6.

NETGEAR FWAG114 - Custom Service
Figure 6: Custom Service
(click on the image for a full-sized view)

Rules have a few other tricks they can do. Both Inbound and Outbound rules are schedulable as shown in Figure 7, but there is only one schedule, which can be applied on a rule by rule basis.

NETGEAR FWAG114 - Rule schedule
Figure 7: Rule Schedule
(click on the image for a full-sized view)

You can also control the logging of each rule with selections of Never and Match, as well as the order of precedence for rules in both directions. But note that there is no ability to set an outbound trigger port for the Inbound Services... the service mappings are static only. And contrary to the FWAG's User Manual, UPnP is not supported, at least not yet.

You can exert finer control (than blocking all access with Outbound Services) over the websites and newsgroups that your users visit via the Block Sites feature. The feature is not schedulable, but you can enter one "Trusted" IP address that will get unfiltered Internet access.

More Wireless

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

RT-AC87U 384.9Recently I enabled the firewall log (allow/deny), along with dnsmasq ( log-queries=extra ), which are all being sent externally via sysl...
Dear SNB community,I recently discovered the power of AsusWRT Merlin and I want to benefit from some extended features such as Diversion.I tried to in...
So I recently discovered snb and the great asusmerlin for my RT-86U. I have the following running on it:1) Diversion v4.0.72) Entware3) Skynet v6.8.24...
Here's an odd thing that started to happen recently, whenever I turn on my VPN client software on one of my computers and start flowing some traffic f...
Interesting VLAN Utility on ASUS Router I found while trying to figure out how to create a VLAN Trunk to my managed switch.Update: Pointed out its alr...

Don't Miss These

  • 1
  • 2
  • 3