0 votes
210 views 2 comments
by

Hi,

I have a RUTX11 router.

I am finding PCs/laptops with static IPs are getting blocked after a time, and I either have to reset the router or change the IP on the PCs/laptops.

Just restarting the device doesn't solve the problem either.

Is there a way of flushing/clearing blocked LAN IPs automatically?

Many Thanks,

Steve

1 Answer

+1 vote
by

Hello,

Usually when devices get blocked by the router it means that they're trying to access the device via WebUI/SSH unsuccessfully multiple times in a row. The settings for this functionality (via WebUI) can be found at System>Administration>Access Control>Security or (when accessing router via CLI) at /etc/config/ip_blockd. If these IPs are, in fact, listed at this page/configuration file, you could do a couple of things to prevent this from happening:

  • Fully deny any access to the router via WebUI/SSH except from some specific MAC/IP address which is outside of DHCP range. This way the "ip_blockd" service would never have the chance to block clients because any traffic would be straight up denied when destination ports from the incoming connections to the 192.168.1.1 (incoming from LAN zone) are HTTP [80]/HTTPS [443]/SSH [22]. Make sure to define the rule to allow specific IPs first!
  • Increase the fail count (not recommended due to security reasons)

This functionality will be changed in firmware version 7.2 - starting from this version any device that gets blocked by the "ip_blockd" service will only be restricted from accessing the router itself but it will still have its traffic routed (won't lose internet connection). We don't have a definitive date and time for the release of this firmware version yet.

Best regards,

Tomas.

Best answer
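The rule ordering the answer above insists on ("define the rule to allow specific IPs first"), as an added example that is not part of the original answer or the router's firmware: a small offline checker that evaluates a rule list top to bottom and reports what happens to a management connection. It assumes the firewall rules are kept in OpenWrt-style `config rule` sections and matched first-hit; the rule names, the admin address 192.168.1.10 and the default-accept LAN input policy are constructed for illustration.

```python
import ipaddress

# Constructed sample in OpenWrt-style firewall config syntax (assumed format).
# 192.168.1.10 is a hypothetical admin PC with a static IP outside the DHCP range.
SAMPLE = """
config rule
    option name 'Allow-Admin-Mgmt'
    option src 'lan'
    option src_ip '192.168.1.10'
    option dest_port '22 80 443'
    option target 'ACCEPT'

config rule
    option name 'Deny-LAN-Mgmt'
    option src 'lan'
    option dest_port '22 80 443'
    option target 'REJECT'
"""

def parse_rules(text):
    """Return the 'config rule' sections, in file order, as option dicts."""
    rules, cur = [], None
    for line in text.splitlines():
        parts = line.strip().split(None, 2)
        if parts[:1] == ["config"]:
            cur = {} if parts[1:2] == ["rule"] else None
            if cur is not None:
                rules.append(cur)
        elif parts[:1] == ["option"] and cur is not None and len(parts) == 3:
            cur[parts[1]] = parts[2].strip("'\"")
    return rules

def verdict(rules, src_ip, port, default="ACCEPT"):
    """First matching LAN-to-router rule wins; default is an assumed open LAN input policy."""
    for r in rules:
        if r.get("src") != "lan" or "dest" in r:  # skip forwarding rules
            continue
        net = ipaddress.ip_network(r.get("src_ip", "0.0.0.0/0"), strict=False)
        if ipaddress.ip_address(src_ip) not in net:
            continue
        if "dest_port" in r and str(port) not in r["dest_port"].split():
            continue
        return r["target"], r.get("name")
    return default, None

if __name__ == "__main__":
    rules = parse_rules(SAMPLE)
    for ip in ("192.168.1.10", "192.168.1.50"):
        print(ip, verdict(rules, ip, 443), "| deny first:", verdict(rules[::-1], ip, 443))
```

With the deny rule listed first, the admin PC is rejected as well, which is the lockout the answer's warning is about.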
by
Hi Tomas,

Thank you for the explanation of what has been happening and why it happens. I am a little surprised the IPs were getting blocked because they are all part of the same LAN as the router; it wasn't like the router was being accessed from a WAN location.
I am not sure all the IPs being blocked had tried to access the router by WebUI/SSH but it might have happened. There are only three members of staff in the company and I am the only person who knows anything about the router.

Hopefully firmware version 7.2 isn't too far away from being released.

Thanks for your help,

Steve
by
Hi, thanks for the explanation.

This tripped me up during an upgrade from legacy to new firmware, as somehow during the upgrade process my firewall IP got blocked by this mechanism. Certainly caused some confusion when I thought something had failed with the upgrade process!