Answer | The SBG6580-2 Firewall has various settings related to blocking or exclusively allowing different types of data through the router from the Internet to the home network. Even if specific web content is allowed on the computer level, it can be blocked on the router/gateway level using the firewall options.  By default, the Firewall is set at the Low level.  This document describes how to set up the SBG6580-2 firewall.
NOTE: It is recommended to keep the firewall between the Low and High levels.
Firewall Setup
- Launch a Firefox or Safari browser.  Enter http://192.168.0.1 into the address box, and press the Enter key. Â
NOTE: A browser message on Chrome, Edge, Firefox, and Opera, may appear when accessing the Web Manager. The message includes 192.168.01 uses an unsupported protocol and ERR_SSL_VERSION_OR_CIPHER_MISMATCH. The Web Manager uses an earlier version of the TLS protocol and does not match the version allowed by the web browser.  Safari browsers on Apple PC and mobile devices are not impacted.  The workaround to access the Web Manager with a PC is to use the Firefox browser and set the TLS version to 1. For workaround instructions refer to article # 19435 - 192.168.0.1 uses an unsupported protocol.  - A security or private risk alert may appear on the web browser advising users to proceed with caution when accessing the Web Manager. There is no risk in proceeding to the Web Manager. For instructions to bypass the alert screen, refer to article # 18181 - Alert Message for Web Manager Access.
 - On the Login page, enter admin or a customized username in the Username field.
 - Enter password or a customized password in the Password field.
NOTE: On later versions of the SBG6580-2, the Wi-Fi Security Key is used as the default admin password printed on the bottom white label. For assistance with Web Manager Access, refer to article # 18752 – SBG6580-2: Web Manager Access.  - Click the Login button.  The Home page will appear.
 - Move the mouse cursor over Firewall on the main menu and click the Protection Level link on the sub-menu.  The Firewall - Protection Level page will appear. Â
 - On the Firewall - Protection Level page under the Firewall Protection Level section, click the Firewall Protection Setting drop-down menu and select the level of protection (Low, Medium, or High).  The following are descriptions for each option:Â
- Off - Default setting.  No security, highest risk.  No services are restricted.
-  Low - Minimum security, higher risk.  No services are restricted
- Medium - Safe configuration, modest risk.  Port Forwarding and DMZ setup will be blocked and some services are restricted.  Click here to see Allowed Services list.
- High - Safest configuration, highest security.  Port Forwarding and DMZ setup will be blocked and some services are restricted.  Click here to see Allowed Services list.
- Under the Firewall Settings section, check the Block Fragmented IP Packets box to prevent all fragmented IP Packets from passing through the firewall.
- Check the Port Scan Detection box to detect and block port scan activity from the Internet and in the home network.
- Check the IP Flood Detection box to detect and block packet floods originating from the Internet and in the home network.  Â
- Click the Apply button under the Firewall Protection Level section.  A restart is not required, as the Firewall settings will immediately go into effect.
Allowed Services List The following table list the type of services allowed by Firewall Protection levels.Â
Allowed Services | Firewall Protection | Service | Port | Protocol | Off | Low | Medium | High | AIM / ICQ | 5190 | TCP | Allowed | Allowed | Allowed | Blocked | DHCPv6 | 546 | UDP | Allowed | Allowed | Allowed | Blocked | DNS | 53 | TCP / UDP | Allowed | Allowed | Allowed | Allowed | FTP-S | 989-990 | UDP | Allowed | Allowed | Allowed | Blocked | HTTP | 80 | TCP | Allowed | Allowed | Allowed | Allowed | HTTP Alternate | 8080 | TCP | Allowed | Allowed | Allowed | Blocked | HTTP-S | 443 | TCP | Allowed | Allowed | Allowed | Allowed | IMAP | 143 | TCP | Allowed | Allowed | Allowed | Blocked | IPSec NAT-T | 4500 | TCP | Allowed | Allowed | Allowed | Allowed | NTP | 123 | UDP | Allowed | Allowed | Allowed | Allowed | POP3 | 110 | TCP | Allowed | Allowed | Allowed | Blocked | POP3-S | 995 | TCP | Allowed | Allowed | Allowed | Allowed | Radius | 1812 | TCP / UDP | Allowed | Allowed | Allowed | Blocked | SMTP | 25 | TCP | Allowed | Allowed | Allowed | Allowed | SMTP-S | 435 | TCP | Allowed | Allowed | Allowed | Blocked | SSH | 22 | TCP | Allowed | Allowed | Allowed | Allowed | Steam | 1725 | UDP | Allowed | Allowed | Allowed | Blocked | Steam Friends | 1200 | UDP | Allowed | Allowed | Allowed | Blocked | Telnet-S | 992 | TCP | Allowed | Allowed | Allowed | Blocked | XBOX Live | 3074 | TCP / UDP | Allowed | Allowed | Allowed | Blocked | World of Warcraft | 3724 | TCP / UDP | Allowed | Allowed | Allowed | Blocked | Yahoo Messenger | 5050 | UDP | Allowed | Allowed | Allowed | Blocked | Other Services | Allowed | Allowed | Blocked | Blocked |
|
|
---|