So, 2 weeks ago we moved on to the Business DOT plan for the NBN (lose copper lines in 2 months). We have 3 lines coming in which is now on their QOS assured system.
We also have a number of employees as well as our business software company that Remote Desktop into our server on a regular basis, as well as a number of surveillance camera's that we access remotely.
Up until NBN this has been quite simple as we simply white-listed the IP addresses that were allowed to connect to the ports on our router.
Our problem.. The supplied business router DEVG2020 has been handicapped to the point of stupidity by telstra.
We are unable to white list anything on the router (can open the port with port forwarding but no NAS so the port is left wide open to all and sundry), we can't bridge it to a more useful router/firewall to allow the same thing and we arn't able to swap to a router that can actual handle basic security.
So we have now essentially been locked into a system with non existent security on the internet side of the router unless we close all ports at all times. (thereby stopping remote access for employees and our software supplier).
While I am struggling with the concept that Telstra has supplied hardware that is less functional than a router from 10 years ago, I am still desperately trying to find a workaround.
Any ideas on how to get around this.
Was this helpful?
Just for the sake of completion. I have managed to get it to work.
By individually port forwarding from the Telstra DEVG2020 to the WAN side of a router with a firewall I have managed to secure the ports.
The fact that I now have a NBN NTD, Telstra DEVG2020, Cisco SPA8000, Draytek Router and a cisco switch just to allow VOIP and remote access to the network with some level of security is beyond irritating.
Hope they make this a hell of a lot easier in the future.
Sorry to drag up an old query, but am after some more information on what you did here?
I am in the same boat with a client, and hate hate hate the lack of security available in the DEVG2020.
I can't even get a site-to-site VPN configured due to the poor implementation in this device.
From what i understand of your resolution, you have the following setup
NBN goes to WAN DEVG2020
Cisco connects to 1 port of DEVG2020
Draytek connects to 1 port of DEVG2020
You are then either using specific port forward blocks or DMZ to transfer all traffic to the Draytek?