DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Vigor 2910 ignoring firewall rules
- adcburke
- Topic Author
- Offline
- New Member
Less
More
- Posts: 3
- Thank you received: 0
19 Feb 2010 12:07 #60619
by adcburke
Vigor 2910 ignoring firewall rules was created by adcburke
Sorry this is going to be a bit of a long one but this is baffling me.
We have two offices that communicate email traffic and i want to ensure that only the remote office can talk to port 110 & 143. and port 25 can only be communicated with by the remote office and our hosted spam control lot. Sounds simple but i cannot seem to get it to lock port 25 to other ip's
First I set-up individual services for email (port 25, 143, 110) and grouped them as email. Then set-up an IP object for our remote office and a group containing all the spam server addresses.
In Filter set 3 created rule
Wan-Lan> Source ip 'remote office' service type 'email'
Next filter set #4
In Filter set 3 created rules
Wan-Lan> Source ip 'spam servers' service type 'email'
Lan-Wan> Dest ip 'spam servers' service type 'SMTP' (outgoing mail sent through spam servers)
Next filter set #5
In Filter set 5 created rule
Wan-Lan> Source ip 'remote worker's home ip' service type 'email'
Wan-Lan> Source ip 'remote worker's home ip' service type 'rdp' (3389)
Next filter set #12
In Filter set 12 created rule
BLOCK lan-wan> source 'all' destination 'all' servicegroup 'email' (done to prevent any nasties transmitting smtp from a compromised system etc)
BLOCK wan-lan> source 'all' destination 'wan IP' servicegroup 'email' (this is the rule it seems to be ignoring although weirdly other ip's but our remote office cannot connect to port 143(imap) but can connect to 25 even though they should both be blocked by this rule.
I don't understand why one rule even though it is being told to block 3 ports will only block 2 of them 110 and 143 yet ignore blocking access to 25. its just weird.
Anyone got any ideas? if you need any other info the please ask
We have two offices that communicate email traffic and i want to ensure that only the remote office can talk to port 110 & 143. and port 25 can only be communicated with by the remote office and our hosted spam control lot. Sounds simple but i cannot seem to get it to lock port 25 to other ip's
First I set-up individual services for email (port 25, 143, 110) and grouped them as email. Then set-up an IP object for our remote office and a group containing all the spam server addresses.
In Filter set 3 created rule
Wan-Lan> Source ip 'remote office' service type 'email'
Next filter set #4
In Filter set 3 created rules
Wan-Lan> Source ip 'spam servers' service type 'email'
Lan-Wan> Dest ip 'spam servers' service type 'SMTP' (outgoing mail sent through spam servers)
Next filter set #5
In Filter set 5 created rule
Wan-Lan> Source ip 'remote worker's home ip' service type 'email'
Wan-Lan> Source ip 'remote worker's home ip' service type 'rdp' (3389)
Next filter set #12
In Filter set 12 created rule
BLOCK lan-wan> source 'all' destination 'all' servicegroup 'email' (done to prevent any nasties transmitting smtp from a compromised system etc)
BLOCK wan-lan> source 'all' destination 'wan IP' servicegroup 'email' (this is the rule it seems to be ignoring although weirdly other ip's but our remote office cannot connect to port 143(imap) but can connect to 25 even though they should both be blocked by this rule.
I don't understand why one rule even though it is being told to block 3 ports will only block 2 of them 110 and 143 yet ignore blocking access to 25. its just weird.
Anyone got any ideas? if you need any other info the please ask
Please Log in or Create an account to join the conversation.
- voodle
- Offline
- Big Contributor
Less
More
- Posts: 1139
- Thank you received: 0
19 Feb 2010 12:18 #60620
by voodle
Replied by voodle on topic Vigor 2910 ignoring firewall rules
For the different service types you have set up, particularly the port 25 one, do you have the Source Port set up as 1-65535 or 25-25? It should be 1-65535 to work.
Please Log in or Create an account to join the conversation.
- adcburke
- Topic Author
- Offline
- New Member
Less
More
- Posts: 3
- Thank you received: 0
19 Feb 2010 14:09 #60622
by adcburke
Replied by adcburke on topic Vigor 2910 ignoring firewall rules
Yes the ip object is setup as so
Name: SMTP
Protocol: tcp/udp
source port: 1-65535
destination port: 25-25
as are the other two for imap/pop although the destination port is obviously 143 and 110 for those
cheers
Name: SMTP
Protocol: tcp/udp
source port: 1-65535
destination port: 25-25
as are the other two for imap/pop although the destination port is obviously 143 and 110 for those
cheers
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek