Community home

Brian87788 · ‎13-01-2023

I currently have vodafone UltraHub and fibre setup, I have about 2 basic switches in the network with a few computers and printers as well. I am using the 2 phone ports on the UltraHub connected to 2 phones. I am using a cloud based software which I need to open ports for printing to my local printers.

I am continually getting gibberish printing out as I guess hackers are trying to get into the network through those open ports.

How can I restrict those port forwards to only accept traffic from a specific ip address?

Is there a setting on the Ultra Hub or do I need to buy another router/device and install it between the ultra hub and the rest of the network?

Any help would be greatly appreciated.

Ripshod · ‎14-01-2023

I use an Asus router so I've spoiled myself a little and forgot a lot about the vox3, so I just plugged one in. Yes, it's disappointing to not be able to set the external IP even in 'expert mode' (that's laughable), something I consider a security essential now.

We won't get that feature added no matter how nice we are to Vodafone so it does look like you'll end up using your own router.

CrimsonLiar · ‎14-01-2023

I'd be interested in what the printers are. I've access to web-enabled printers and not one of them requires opened ports. Instead, it looks like they phone-home (access a web server) to check if there are any jobs waiting for them.

*I used to have one of the printers setup so I could email jobs to it, on ONE occasion someone managed to spoof it and got it to print a page of gibberish. That printer is now setup so it won't print out emailed docs until I approve their printing!

Cynric · ‎14-01-2023

.@Brian8778 Are you saying that the cloud software doesn't need a security token or password to reach your printers? Given that you have other kit on the LAN could one host a SSH tunnel that the cloud stuff would have to connect to? I really don't like the sound of leaving a port open, but please tell me it is a high number port (i.e. a 5 digit one).

Brian87788 · ‎15-01-2023

For a little more context the cloud system is a Point Of Sale system in a shop. The printers range from 2 OKI toner printers a barcode printer and a receipt printer. The ports that are required to be open are 4 digits long. There are no IT experts where I live and getting in-person help is problematic. I just thought if there was a relatively simple solution like adding another router into the system. I could just do that.

I wonder if the way the phone system is setup it would be better to go with another company that has a more general VOIP system which would allow use of any third-party router with better functionality. The way it is now I have to have the Ultrahub for the phones to work.

Ripshod · ‎15-01-2023

You can use your own router, and a Grandstream ATA for the digital voice service.

https://forum.vodafone.co.uk/t5/Landline/Landline-phone-with-own-router-on-FTTP/td-p/2709457

CrimsonLiar · ‎15-01-2023

This begins to sound like a nightmare! IF the cloud-based POS system can be accessed using a VPN, then I'd switch to using a third-party router that can handle this.

Jayach · ‎15-01-2023

It sounds to me like you really need an IT expert, or learn to become one pretty quickly.

Was this all working on a previous ISP? Did you set that up?

Ripshod · ‎16-01-2023

If this broadband is a connection for business use then surely the better option would have been going with business broadband? Going with the cheapest home broadband has backfired.

Brian87788 · ‎16-01-2023

Ahh that makes sense, didn't realize it was just a domestic connection. Although doing a preliminary check on the vodafone website there are no plans that are available for my address. The shop is on the main street but it's a fairly small town. I'll give them a ring and check my options.

Community home

UltraHub restrict port forwards to specific inbound ip address