Author Topic: "firewall active" option not settable  (Read 1064 times)

Offline pit

  • Sr. Newbie
  • *
  • Posts: 43
  • Karma: +2/-0
"firewall active" option not settable
« on: February 21, 2018, 06:48:41 am »
In my new veraPlus (section net & wifi) I can select "firewall active - only allow connections from the LAN ports", but this option doesn't last.
After "save and apply" and the following restart: Again "Firewall disabled - allow any connections from WAN or LAN ports" is selected.
Does veraEdge not allow to secure the network?

In my veraEdge the "firewall active" option was set.
I tested to turn it to "disable" and then to reactivate. Now I have the same problem on veraEdge.

In both cases I use wired LAN (one with DHCP , one with fixed IP) and WIFI deactivated. I tried with web login and local login.

Any idea to set the firewall option?
« Last Edit: February 22, 2018, 04:47:22 am by pit »

Offline will335i

  • Newbie
  • *
  • Posts: 8
  • Karma: +0/-0
Re: veraPlus - "firewall active" option not settable
« Reply #1 on: February 21, 2018, 10:19:17 am »
Are you using your Veraplus as your router? If not, your router should be the device creating the firewall and your vera is protected because it is behind that firewall.

I am wondering if the selection is not staying since you have DHCP disabled and your vera is not acting as a router so there is no need for a firewall to be enabled. 

Offline pit

  • Sr. Newbie
  • *
  • Posts: 43
  • Karma: +2/-0
Re: veraPlus - "firewall active" option not settable
« Reply #2 on: February 21, 2018, 12:10:47 pm »
Thank you for your tip. Your consideration could be true.
Till now I thought vera acts as additional firewall especially for the vera connections behind my Router. But I'm not sure this makes much sense.
Otherwise on veraEdge in the identical network role the firewall option is selectable and stays.

Offline will335i

  • Newbie
  • *
  • Posts: 8
  • Karma: +0/-0
Re: veraPlus - "firewall active" option not settable
« Reply #3 on: February 21, 2018, 04:49:43 pm »
Then I would be curious to see what happens if you turn the firewall off on the Edge and then turn it on on the Plus.

Why are you running two controllers on the same network? Is it because of distance between controlled devices? 

Offline Don Phillips

  • Hero Member
  • *****
  • Posts: 1312
  • Karma: +34/-32
Re: veraPlus - "firewall active" option not settable
« Reply #4 on: February 21, 2018, 09:35:09 pm »
Many people run 2 controllers. You typically set one as the primary. One of the advantages is sharing the logic load among 2 processors.
Vera 3, 1.7.1030, CT101, Everspring motion sensor, GE/Jasco switch, Leviton outlet, AeonLabs sensor, NuTone garage door, Blue Iris, Sricam SP011, iPhone locator, APCUPSD, VeraMate, VeraAlerts, PLEG, House Modes, Countdown Timer, DVR, Virtual/Multi Switch, Weatherunderground, LB60Z-1 bulb, Hue, Alexa

Offline pit

  • Sr. Newbie
  • *
  • Posts: 43
  • Karma: +2/-0
Re: "firewall active" option not settable
« Reply #5 on: February 22, 2018, 04:41:54 am »
I turned off the firewall on Edge and then tried to activate it on Plus: No success.
Then I tried to re-activate the firewall on Edge, but now I have the same behavior as on Plus:  The firewall "active" option is selectable but returns to "disable" after restart.

Apparently this problem isn't caused by Edge or Plus, but by an update of the firmware (UI7).

Offline HSD99

  • Sr. Member
  • ****
  • Posts: 276
  • Karma: +11/-0
Re: "firewall active" option not settable
« Reply #6 on: February 22, 2018, 11:24:50 am »
Apparently this problem isn't caused by Edge or Plus, but by an update of the firmware (UI7).

Can you give us the firmware version on both units?

Offline pit

  • Sr. Newbie
  • *
  • Posts: 43
  • Karma: +2/-0
Re: "firewall active" option not settable
« Reply #7 on: February 23, 2018, 03:20:40 am »
veraEdge firmware version is 1.7.3500
verPlus firmware version is 1.7.3532

I now made a portscan on Edge and Plus (both in wired LAN). In both vera's there are only a few ports open - I think all neccessary: SMTP [25], SSH [22], POP3 [110], nntp [119], imap [143], smtp 465, nntps [563], smtps 587, imaps [993], pop3s [995], HTTP [80]
WAN acces goes over my internet router, so there cannot be more ports open.

Apparently the "firewall active" selection has no function in my network set. So is confusing that the option is settable and then switches back after restart. But this do no harm - at least in my network setup.
« Last Edit: February 23, 2018, 12:25:08 pm by pit »

Offline rafale77

  • Hero Member
  • *****
  • Posts: 1235
  • Karma: +62/-23
Re: "firewall active" option not settable
« Reply #8 on: February 27, 2018, 06:16:29 am »
I don't think the vera has any firewall functionality. It probably did a long time ago as it is based on OpenWRT but might have been removed at some point. The Vera is already very short of resources, I would not add a firewall to it, not even a DHCP server.
openLuup (97 devices, 134 scenes, 20 apps) controlling HomeAss + VeraPlus (138 zwave nodes, 8 Zigbee nodes, 205 devices, 20 scenes , 2 app) Bridged to Homekit and Alexa. VeraPlus ExtRooted!