Hello all,
I cannot really believe that this qualifies as a *new* topic, but I seem to be having just as much difficulty with the search facility in this forum as I am with my Vigor 2862n router, so I need some assistance from the community please.
I am upgrading from a Netgear ProSafe VPN Firewall SRXN32005. On this I could set a global block on inbound connections, and then open up specific ports (as defined by the selected service) which direct traffic to a specific internal LAN IP address. For the most part this would be the mail server (we are running SBS2011 with built-in Exchange Server, SharePoint, etc.)
I have tried the same configuration within the Vigor 2862n by changing the default rule to 'block' (although it doesn't seem clear if this is inbound traffic, outbound traffic or all traffic in and out), adding the ports I'm interested in either as individual services or groups of services, and creating rules within the firewall filter sets using the source IP address as any WAN address and the destination as the server address on the LAN. Nothing comes in. Interestingly I also have a rule for outbound traffic which is supposed to block activity on port 25 from anything but the mail server to stop mail bots if ever we get infected, yet that doesn't seem to be working either since my non-domain controlled laptop can happily send and receive e-mail. Clearly I am doing something wrong in both counts. I have made sure that all the rules I am using are themselves enabled, and that the Data Filter is enabled within the General Setup. Do I have to set up additional NAT rules to point incoming mail to the server, or should the firewall rule I have specified do that for me?
A summary of the inbound rules I use would be along these lines:
Direction: WAN -> LAN/DMZ/RT/VPN
Source IP: Any
Destination IP: 192.168.2.2
Service: Server Mail (itself defined as TCP ports 25->25 and 143->143)
Filter: Pass Immediately
All other settings left as default.
Any advice would be greatly received.
Thanks in advance,
Angus
