Solved

Server 2003 RRAS Port Blocking issue

Posted on 2008-10-15
3
552 Views
Last Modified: 2013-12-09
We have a Server 2003 system set up and have been experiencing issues with virus spam causing us to be blacklisted.  I added a second NIC to the server and set one up on a private IP range with the router (10.2.2.2 and router at 10.2.2.1) and our internal LAN is on 10.1.1.2 (server).  I set RRAS to have a static route to 0.0.0.0 to go through gateway at 10.2.2.1 (so it forwards all traffic to the gateway).  The internet works like this, the DHCP gateway is set to the server NIC (10.1.1.2) and everyone's internet works.

Now, I have gone to the NAT/Firewall section and have been trying to work with the INTERNET NIC, because it is the one with the translated #s and mappings next to it, so I assume that's the one to work with.  I have attempted all kinds of setup configurations, but when I go to View Mappings, they seem to not have taken effect.  I have tried various settings, and nothing seems to block the offending PCs.  

HOW do I set up static packet filter to BLOCK OUTBOUND attempts to send spam.  I have tried many many combinations of settings in the packet filter with no success. Even now, I have an outbound filter that states ANY traffic on destination port 25 is to be blocked.  I have another that says ANY traffic FROM IP address 10.1.1.52 (an offending address) is to be blocked, but I still have plenty of mappings from that IP.

As of right now, I have inbound and outbound filters for the IP 10.1.1.52 to ANY destination on ANY port, and I still have mappings for that IP.  Is there a configuration issue with my RRAS?  The only network card I show mappings on under NAT/Basic Firewall is my "internet" interface (the nic connected to the wan)
0
Comment
Question by:dbestcomputers
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 

Author Comment

by:dbestcomputers
ID: 22723413
Well, after leaving it for a while with just an outbound filter on 10.1.1.52 for port 25, it seems to work.  I guess you just have to leave it sit for a while?  I will go ahead and leave this thread open.  Anyone who wants points should leave some explanation, insight, or where I can get more info on blocking with RRAS
0
 
LVL 38

Accepted Solution

by:
ChiefIT earned 500 total points
ID: 22775032
I found this very, very helpful to me when trying to hammer out the issues:

http://www.ohmancorp.com/RRASPortBlock.asp
0
 

Author Closing Comment

by:dbestcomputers
ID: 31506392
Well, unfortunately, yours was the only response I got.  I do appreciate it, it was good information.  I had hoped more people would join in and give information, but that's fine.
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question