Solved

Block IP with Juniper SSG5

Posted on 2014-12-11
3
265 Views
Last Modified: 2014-12-12
I have intermedia as my hosted exchange solution. Intermedia keeps blocking my public IP because they said that my network is trying to connect to their server via RDP protocol.

I logged in to SSG5 to see if i could find anything and the only suspicious thing I saw was. untrust-local... to trust (any > any). I deleted it.

I only have one user who logins to a computer remotely via RDP.  I don't know how to scan the network to see which computer is sending mass traffic to their servers. I installed wireshark but I don't really know how to use it.

any suggestions?

BTW, I scanned all computers and did remove viruses/trojans from a couple, intermedia unblocked it and email worked again, but this is the third time they blocked it.
0
Comment
Question by:Anthony H.
  • 2
3 Comments
 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 40495702
To block RDP to a specific public IP address, create a policy Trust to Untrust with adresses Any and that public IP, and RDP as service. Make sure to check the "top" option so the policy is applied before any other policy. Action is Deny.
0
 

Author Comment

by:Anthony H.
ID: 40496622
i also closed from untrust to trust. It should be OK to reopen that right?
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 40497484
Untrust is Internet. You don't want to block RDP from internet to LAN, do you?  So remove it,  or leaves it alone if it doesn't matter for you. By default all Untrust traffic is blocked unless explicitly allowed.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now