DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

2820n Firewall & syslog questions

More
09 Mar 2010 01:18 #61067 by earth
2820n Firewall & syslog questions was created by earth
Hi all,
Just installed a new 2820n on sbs2003 box with 2 nics. (WAN-192.168.1.2)-(LAN 10.0.0.2). The router LAN IP is 192.168.1.1. Internal network are supporting about 70 PC's. One of those pc's are infected with a sender email trojan not identified until now, besides our efforts made with netstat attemps and virus scannings on all machines.

My questions are:

There is any way to only accept outbound connections on port 25 sended by our exchange server and block all others LAN machines using 2820n firewall settings?

I installed Syslog 4.2.1 on Windows2003 server to try to record logs to help us to find the infected machine. But don't know why i can't collect data from router. The settings are: IP router 192.168.1.2. IP WAN NIC sbs box is 192.168.1.2 and the the port used is the default (514).

Any toughts will be very welcome.

Thank you in advance,
Cheers

If at first you don't succeed, skydiving is not for you

Please Log in or Create an account to join the conversation.

More
09 Mar 2010 01:28 #61068 by earth
Replied by earth on topic 2820n Firewall & syslog questions
And of course System Maintenance >> SysLog / Mail Alert Setup under Maintenance tab is checked with server Syslog IP corrected inserted (192.168.1.2)

If at first you don't succeed, skydiving is not for you

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami