The hardware firewall provided by SBG6580 is great, when you want that extra layer of security protection. However, if you set it incorrectly it can make you scratch your head. When you have trouble connecting to the web using certain services such as gaming or even email services. Sometimes it is not your computer, it is actually your router doing the blocking.

We will go through all of the firewall options offered by Motorola SBG6580, to help you have a better understand of how to configure the firewall.

You can access the SBG6580 firewall options under Firewall -> Basic.

IPv4 Firewall Protection

Introduction
For SBG6580, the basic firewall options is broken into 4 tiers. When you start using your router for the first time, always go for the highest security first. Then as you encounter issues, then toggle down the firewall setting to unlock more web service ports that you might be using.

High Firewall Security Setting
Most of the ports are blocked in this setting except for the following. You can access the internet and majority of the email applications with this setting. However, some users do report running problems with the highest tier of firewall security.

DNS TCP: 53 TCP
DNS UDP: 53 UDP
HTTP: 80 TCP
HTTP-S: 443 TCP
IMAP-S: 993 TCP
IPSec NAT-T: 4500 UDP
NTP: 123 UDP
POP3-S: 995 TCP
SSH: 22 TCP
SMTP: 25 TCP
SMTP-S: 465 TCP

Medium Firewall Security Setting
This tier introduces some of the common ports used by chatting programs or gaming consoles.

AIM/ICQ: 5190 TCP
DHCPv6: 546-547 UDP
DNS TCP: 53 TCP
DNS UDP: 53 UDP
FTP-S: 989-990 TCP
HTTP: 80 TCP
HTTP ALT: TCP
HTTP-S: 443 TCP
IMAP: 143 TCP
IMAP-S: 993 TCP
IPSec NAT-T: 4500 UDP
NTP: 123 UDP
POP3: 110 TCP
POP3-S: 995 TCP
RADIUS: 1812 TCP
RADIUS: 1812 UDP
SMTP: 25 TCP
SSH: 22 TCP
SMTP-S: 465 TCP
Steam: 1725 UDP
Steam Friends: 1200 UDP
Telnet-S: 992 TCP
XBOX Live: 3074 TCP
XBOX Live: 3074 UDP
World of Warcraft: 3724 TCP
World of Warcraft: 3724 UDP
Yahoo Messenger: 5050 TCP

Low Firewall Security Setting
All the ports are available to be accessed using this setting. However, you will still have the benefit of protection against Denial of Service attacks.

Off Firewall Security Setting
You should almost never use this option. If your goal is to open up for more ports, have the low setting is generally a better choice. Only consider using this firewall option if “low” setting still gives you trouble with your services.

Block Fragmented IP Packets

Recommendation: Uncheck the box to disable this setting.

Although having fragmented IP packets supposedly tighten security more. Some connections such as you gaming consoles and media mobile devices do use fragmented IP packets. By enabling this option on, you can experience more connection losses and intermittent signals. So in general, turn the Block Fragmented IP packets off.

Official description:
Prevents all fragmented IP Packets from passing through the firewall.

Port Scan Detection

Recommendation: Check the box to enable this setting.

In most cases as a normal non-tech user, you will not use any of the port scan features nor do you want to be found and be port scanned for open ports on your computer. Enable this function for the extra firewall security. Just turn this firewall option back on when you actually need to conduct port scanning.

Official description:
Detects and blocks port scan activity on both the WAN and LAN.

IP Flood Detection

Recommendation: Uncheck the box to disable this setting.

IP flood detection supposedly protect against denial of services type of attacks. However, turning on this option sometimes can hinder your wireless network speed in many cases. Some of your “real” traffic can be mislabeled and blocked by this firewall function.

You generally should disable IP flood detection. Unless you are having trouble with certain malware infected machines on a network flooding your entire wireless netork, but if that is the case, you really should try to get those devices fixed ASAP.

Official description:
Detects and blocks packet floods originating on both the WAN and LAN.

SBG6580 Firewall


Comments

Basic Firewall Setup | SBG6580 — 7 Comments

  1. Fantastic site and recommendations. It resolved my hardwire connection and explained every step very clearly so even a n00b could understand.
    Thank YOU

  2. I have been having DNS resolution problems since I set SBG6580 firewall security setting to ‘Low’. When I start my PC, for first few minutes all host resolution time out but eventually host resolution works fine. I tries Google DNS and see the same issue.

    When I set firewall security ‘off’, this initial host resolution timeouts go away.

    Is SBG6580 blocking DNS packets? I want to keep firewall security but hate the initial web access issues every time I login to my PC. any poniters?

  3. My BasicTalk VOIP ATA (analog telephone adapter) would not work unless the IPv4 firewall protection was set to “low” or “off.”

  4. Great Info! I couldn’t stream any of my VUDU movies with this modem until I turned “IPv4 Firewall Protection” to LOW. Since I rarely watch movies through VUDU (I have 51 DVD’s converted to digital via VUDU) I set it back to Medium at all other times.
    However, I wish there was a way to add to the List of “Allowed Services” with this modem, so I could add whatever VUDU needs to get through. Oddly, Movie Trailers are watchable.

Leave a Reply

Your email address will not be published.