Forum Discussion

pacetree's avatar
pacetree
Junior
7 years ago

Should I enable or disable the firewall if I'm using an external router?

Should I leave the firwall enabled or disable it if I have wifi off and only using an external router with a firewall?  Generally, I would disable it if I'm using the another modem device like a DSL with an external firewall to avoid double NAT.  But, since there is no bridge mode and the router is basically always in play on the ht2000w, should I just leave it enabled?  Plus as I understand the ht2000w is always translating ipv4 addresses because the Hughes side of the gateway is only ipv6.  What are your thoughts and or advice?

  • For all intents and purposes you're behind a double-NAT on satellite.

    Unless you have hackers in your house using your local LAN, I wouldn't worry about the firewall much. Think they just included it because it was part of the router firmware.

    Think you're safe leaving it disabled, unless you want to use the parental features, etc. underneath it.

  • For all intents and purposes you're behind a double-NAT on satellite.

    Unless you have hackers in your house using your local LAN, I wouldn't worry about the firewall much. Think they just included it because it was part of the router firmware.

    Think you're safe leaving it disabled, unless you want to use the parental features, etc. underneath it.

    • C0RR0SIVE's avatar
      C0RR0SIVE
      Associate Professor

      Leave it enabled if you are using IPv6, as all IPv6 addresses are supposedly routable.


      MarkJFine wrote:

      Think they just included it because it was part of the router firmware.

       



      It's included for SME customers, as they can get a routable IPv4 address and perform port forwarding... While the firewall features are ultra basic... It is pretty much a needed thing to keep ports closed to the outside world.

      • MarkJFine's avatar
        MarkJFine
        Professor

        C0RR0SIVE wrote:

        Leave it enabled if you are using IPv6, as all IPv6 addresses are supposedly routable.


        I originally thought so as well, but neither IPv6 address is.

         

        Edit: Forgot about SME though... that's a different story.

    • GabeU's avatar
      GabeU
      Distinguished Professor IV

      Eek!  I didn't even realize that I had left mine on from back when we were trying to figure out the whole Parental Control thing with blocking specific websites.  Never could get that to work right.  :( 

       

       

    • pacetree's avatar
      pacetree
      Junior

      That's pretty much what I thought.  I try to avoid hackers in my house, so I'm leaving it off! 🙂