Menu
What's new
By:
Filters Better Search

How to enable port randomization in Asuswrt-Merlin?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Yota

Yota

Very Senior Member
By default pfSense will port randomize all outgoing UDP connections (reference), which some say indirectly improves the privacy and security of devices behind the firewall.

This basically turns NAT into a more restrictive level. for example, a device behind the LAN wants UDP port 48695 open, but the firewall will actually open another random port, thus improving security at the expense of connectivity.


Although I'm not sure most people who buy Asus routers will actually want this feature, as some people even buy it to reduce their NAT level 😂

So, seriously, I wonder if the firewall on Asuswrt-Merlin can allow us to achieve something similar?
 
Linux has had UDP port randomization in the kernel since 2008.
 
RMerlin said:
Linux has had UDP port randomization in the kernel since 2008.
Click to expand...
Thanks for the reply, the weird thing is that I never had any issues with peer connectivity, even with UDP based VoIP peer calls. I thought port randomization would cause two devices behind NAT to never be able to talk peer to peer and would have to fall back to relay, but no, I never observed my peer Facetime or WhatsApp calls fall back to relay mode.

So is there any way to break peer connectivity? I thought port randomization was the feature I was looking for.
 
Yota said:
So is there any way to break peer connectivity? I thought port randomization was the feature I was looking for.
Click to expand...
I have no idea what you are talking about, sorry. Remote ends don't blindly guess what port they are connected with, that is specified in the connection handshake.
 
RMerlin said:
I have no idea what you are talking about, sorry. Remote ends don't blindly guess what port they are connected with, that is specified in the connection handshake.
Click to expand...
I think you've helped point me in the right direction, thank you.
 
You must log in or register to reply here.

Similar threads

RMerlin
Release Asuswrt-Merlin 386.13 / 386.13_2 is now available for AC models
2 3 4
Replies
79
Views
19K
Tech9
Tech9
P
firewall, inbound firewall rules and port forwarding (on RT-AX58U) clarification
Replies
5
Views
978
eibgrad
eibgrad
C
IPv4 Firewall/Port-Forwarding - Appear to be the same thing on Asuswrt
Replies
4
Views
2K
chrisisbd
C
RMerlin
  • Locked
Release Asuswrt-Merlin 3004.388.7 is now available
20 21 22
Replies
435
Views
63K
KronFace
K
RMerlin
  • Locked
Beta Asuswrt-Merlin 3004.388.7 beta is now available
5 6 7
Replies
123
Views
16K
RMerlin
RMerlin
Similar threads
Thread starter Title Forum Replies Date
M How to Enable Hardware Acceleration /RT-AX86U Pro Asuswrt-Merlin 3
M enable IPv4 over LAN Asuswrt-Merlin 11
A Enable Web Access from WAN can't stay enabled Asuswrt-Merlin 2
H WireGuard Server "Enable NAT - IPv6" Setting Question Asuswrt-Merlin 0
D SSH - Shortcut to Enable / Disbale Wireguard VPN Asuswrt-Merlin 1
R RT-AX86U Pro LAN Port on Guest Network Asuswrt-Merlin 9
Y Ethernet port status on Tools Sysinfo page Asuswrt-Merlin 7
A DSL-AX82U HTTP/HTTPS Port Forwarding Asuswrt-Merlin 7
L 2.5 port on gt-axe11000 is subpar. Asuswrt-Merlin 13
C Port / device isolation AX88U Asuswrt-Merlin 2

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 769 (members: 28, guests: 741)
Top