DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

SOLVED - 2927 Firewall not working

  • chaser
  • Topic Author
  • User
  • User
More
16 Mar 2021 18:01 #13 by chaser
Replied by chaser on topic Re: 2927 Firewall not working

Piste Basher wrote:
This is probably nothing to do with your problem but prompted to look at mine by your post I noticed that the 2927 no longer has a "Default Call Filter". First time I've seen this on a Draytek. Wonder why they have deemed it redundant after all these years?

What I would say is that the 2927 has some other features which don't work properly, e.g. in the Mesh Status page. It could just be that there is a problem, before you tear your hair out :|

My older 2860 is the Vac model, which has VoIP functionality built in. My newer 2927 doesn't have this feature, and I assumed this was why there was no 'Default Call Filter'.

Please Log in or Create an account to join the conversation.

More
16 Mar 2021 18:15 #14 by piste basher
Replied by piste basher on topic Re: 2927 Firewall not working
Hmm - I just tried it again with those settings in the Diagnose Tool (as I did before in fact, but this time I had also ticked "All WANS" and "ALL LANS" in the "Advanced" section of Rule 2 set up, just in case :D ) and I still get the "not handled" message :?

As far as I recall the Draytek "Call" Filter is nothing to do with "Calls" - that's just put in to confuse us. A Draytek "Call" is defined in the 2926 manual as "Call Filter - When there is no existing Internet connection, Call Filter is applied to all traffic, all of which should be outgoing. It will check packets according to the filter rules. If legal, the packet will pass. Then the router shall “initiate a call” to build the Internet connection and send the packet to Internet."

I guess they've removed it because - well maybe nobody is using the original 2200 USB ? (I had one) with the "Green Stingray" modem these days..... :wink:

Update on 17th - I've tried it again, this time re-booting after setting up Rule 2 - still no joy, packet still not handled by the firewall :?:

Please Log in or Create an account to join the conversation.

  • chaser
  • Topic Author
  • User
  • User
More
17 Mar 2021 13:34 #15 by chaser
Replied by chaser on topic Re: 2927 Firewall not working

Piste Basher wrote:
Update on 17th - I've tried it again, this time re-booting after setting up Rule 2 - still no joy, packet still not handled by the firewall :?:


Not sure why it's not working for you. Make sure you don't have any leading or lagging spaces in any of the data entry fields. I accidentally had a space at the start of the Dst IP address field in the Diagnostic tool, and that gave me the not handled error.

Please Log in or Create an account to join the conversation.

More
17 Mar 2021 16:37 #16 by piste basher
Replied by piste basher on topic Re: 2927 Firewall not working
Nope, tried again double-checking all entries. Still the same.

Weird.

Please Log in or Create an account to join the conversation.

  • hornbyp
  • User
  • User
More
17 Mar 2021 18:02 #17 by hornbyp
Replied by hornbyp on topic Re: 2927 Firewall not working

chaser wrote:
The IP addresses in Set 1 Rules 4 and 5 don't work either, unless I put those IP addresses into Rule 3. If they're in rule 3 the firewall will then block them.

Go figure!


I now have a vague recollection, of an issue in the distant past, where a Firewall Rule didn't trigger... (I can't remember what unit it was on)

I ended up deleting all the rules and starting again, whereupon it worked. I concluded that I'd either mistyped it originally, or some 'gibberish' had somehow made its way in there. Not a satisfactory answer, but once it started working, it was too late to investigate further.

These days, you can back-up the Firewall Rules, so that zapping them and re-adding, isn't such a big deal. Could be an interesting experiment, to add a few, one at a time.

In the meantime - now I know how to use the "Diagnose" function - I'm going to work my way through my own, and prove that they all trigger...

Please Log in or Create an account to join the conversation.

  • chaser
  • Topic Author
  • User
  • User
More
17 Mar 2021 20:26 #18 by chaser
Replied by chaser on topic Re: 2927 Firewall not working

hornbyp wrote:
I now have a vague recollection, of an issue in the distant past, where a Firewall Rule didn't trigger... (I can't remember what unit it was on)

I ended up deleting all the rules and starting again, whereupon it worked. I concluded that I'd either mistyped it originally, or some 'gibberish' had somehow made its way in there. Not a satisfactory answer, but once it started working, it was too late to investigate further.

These days, you can back-up the Firewall Rules, so that zapping them and re-adding, isn't such a big deal. Could be an interesting experiment, to add a few, one at a time.

In the meantime - now I know how to use the "Diagnose" function - I'm going to work my way through my own, and prove that they all trigger...


I'm actually away from home right now, and only able to access the router remotely, so I'm a bit nervous about making any changes that might lock me out altogether, but I'll certainly try backing up and deleting everything then re-adding, once I get back home at the weekend.

Draytek support have also contacted me and requested that I call their support line, so they can go through my current router config with me. Their view is that I must have misconfigured something. Again, I'll give them a call once I get back home.

Thanks again for your suggestions.

Please Log in or Create an account to join the conversation.