I have two Netgear FVS318g firewalls, one behind the other. Both are defaulted to block outgoing traffic except for HTTP, DNS, and some other common services. The outermost one can communicate fine with the NTP server and get the correct time. The one on the inside cannot. I tried to add a firewall exception for NTP the same as I did for all the other services, but NTP is not listed. I tried adding my own service, and it complains that when I create my own service, the port must be greater than 1024. Does anybody know how to configure the firewall to allow NTP to pass through?
1 Answer
1
I just hit the same problem, and after a little searching I found a workaround on the Netgear forums: http://forum1.netgear.com/showpost.php?p=294039&postcount=8
The popup that prevents you from entering a port <1024 is based on JavaScript. So after entering all the numbers, and just before hitting the "add" button, you need to disable JavaScript in your browser for a while. The popup will never appear and the router will accept a new service on port 123 (NTP).
-
Good workaround. I thought I had tried that, but for some reason it didn't seem to work. Maybe I'll try again. I filed a support ticket with Netgear, and they responded. They said I should downgrade the firmware, which is what I ended up doing in the end. Since there weren't any major security issues being addressed, I figured I wasn't getting much from the updated firmware. The interesting part is that in the firmware upgrade, they actually cite this as a bug fix that you can't assign ports under 1024, but that is, as they admitted in my support request, a big mistake. – Kibbee Nov 17 '10 at 16:12
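
To confirm that a new service rule for port 123 really lets NTP out from behind the inner firewall, a probe like the following can be run from a host on the inner LAN. It is an added example, not part of the original posts; it assumes NTP over UDP port 123, and the default server name `pool.ntp.org` is an assumption, not something the thread names.

```python
import socket
import struct
import sys
import time

NTP_PORT = 123               # NTP runs over UDP port 123
NTP_UNIX_DELTA = 2208988800  # seconds from the NTP epoch (1900) to the Unix epoch (1970)


def build_request() -> bytes:
    """48-byte SNTP client request: LI=0, version=3, mode=3 (client)."""
    return bytes([(0 << 6) | (3 << 3) | 3]) + bytes(47)


def parse_response(data: bytes) -> dict:
    """Validate a server reply; return its stratum and transmit time in Unix seconds."""
    if len(data) < 48:
        raise ValueError("short NTP packet: %d bytes" % len(data))
    mode = data[0] & 0x07
    if mode != 4:  # 4 = server
        raise ValueError("unexpected NTP mode %d" % mode)
    stratum = data[1]
    if stratum == 0:  # kiss-o'-death: the server answered but refuses service
        raise ValueError("kiss-o'-death code %r" % data[12:16])
    secs, frac = struct.unpack("!II", data[40:48])  # transmit timestamp
    return {"stratum": stratum, "unix_time": secs - NTP_UNIX_DELTA + frac / 2**32}


def probe(server: str, timeout: float = 3.0) -> str:
    """Send one request and report whether a reply made it back through the firewalls."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_request(), (server, NTP_PORT))
            data, _ = s.recvfrom(512)
        except socket.timeout:
            return "no reply within %.0f s: UDP 123 is probably still blocked" % timeout
        except OSError as exc:  # includes DNS failures
            return "send failed: %s" % exc
    info = parse_response(data)
    offset = info["unix_time"] - time.time()
    return "reply from stratum %d server, local clock off by %+.3f s" % (info["stratum"], offset)


if __name__ == "__main__":
    # Default server is an assumed public pool; pass the one your firewall uses instead.
    print(probe(sys.argv[1] if len(sys.argv) > 1 else "pool.ntp.org"))
```

A timeout from the inner LAN while the same probe succeeds from behind only the outer firewall points at the inner firewall's outbound rule.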