Hi,

I've installed a Draytek 3200N router at the centre of a network. There are 2 Virgin WAN links coming in, and the LAN consists of 2 x Netgear POE switches and 11 Netgear Access Points. The 3200N has been setup so that each of the 58 students have to login with their room number and a password. Half the users are directed to use WAN1, and the rest WAN2. We don't seem to have reached the transmit/receive limit on either.

I am hitting problems where users are getting refused internet access - the log shows lots of

<134>Nov 10 09:29:03 Hodgkin: [User][Firewall][None:192.168.40.205][Block] This IP address isn't authenticated [ 192.168.40.205:32768->192.168.2.132:162][HLen=20, TLen=153, Flag=R, Seq=8722944, Ack=813367809, Win=1648]

This includes the DNS servers. We had issues with the Virgin DNS servers, so now are using OpenDNS and Google "8.8.8.8". The session timeout is set to "0" (do not time out)

Is anyone aware of any issues with my setup? Anything I could look for in the logs? Any known bugs?

Also, does anyone know how I can setup "cyclic logs" on the USB memory I've added in?

Many thanks in advance.
Matthew Clark, Bristol Computer Support Ltd.

This is because of how you're using the user groups - you need to set the firewall to User-Based and instead of applying that rule to groups, make a rule for each of the user groups then select that per-user.

The group thing is weird, what it's meant for is apparently locking down access to the internet going based on source IP Address to specific user groups - I don't get the point of it but you can get around that by using User-Based filtering with rules instead.