<div>
i also closed from untrust to trust. It should be OK to reopen that right?
</div>


i also closed from untrust to trust. It should be OK to reopen that right?

<div>
Untrust is Internet. You don't want to block RDP from internet to LAN, do you? &nbsp;So remove it, &nbsp;or leaves it alone if it doesn't matter for you. By default all Untrust traffic is blocked unless explicitly allowed.
</div>


Untrust is Internet. You don't want to block RDP from internet to LAN, do you?  So remove it,  or leaves it alone if it doesn't matter for you. By default all Untrust traffic is blocked unless explicitly allowed.

<div>
<div class="content wysiwyg-content">
I have intermedia as my hosted exchange solution. Intermedia keeps blocking my public IP because they said that my network is trying to connect to their server via RDP protocol.<br />
<br />
I logged in to SSG5 to see if i could find anything and the only suspicious thing I saw was. untrust-local... to trust (any &gt;&nbsp;any). I deleted it.<br />
<br />
I only have one user who logins to a computer remotely via RDP. &nbsp;I don't know how to scan the network to see which computer is sending mass traffic to their servers. I installed wireshark but I don't really know how to use it.<br />
<br />
any suggestions?<br />
<br />
BTW, I scanned all computers and did remove viruses/trojans from a couple, intermedia unblocked it and email worked again, but this is the third time they blocked it.
</div>
</div>


I have intermedia as my hosted exchange solution. Intermedia keeps blocking my public IP because they said that my network is trying to connect to their server via RDP protocol.

I logged in to SSG5 to see if i could find anything and the only suspicious thing I saw was. untrust-local... to trust (any > any). I deleted it.

I only have one user who logins to a computer remotely via RDP.  I don't know how to scan the network to see which computer is sending mass traffic to their servers. I installed wireshark but I don't really know how to use it.

any suggestions?

BTW, I scanned all computers and did remove viruses/trojans from a couple, intermedia unblocked it and email worked again, but this is the third time they blocked it.

Block IP with Juniper SSG5

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Networking hardware includes the physical devices facilitating the use of a computer network. Typically, networking hardware includes gateways, routers, network bridges, modems, wireless access points, networking cables, line drivers, switches, hubs, and repeaters. But it also includes hybrid network devices such as multilayer switches, protocol converters, bridge routers, proxy servers, firewalls, network address translators, multiplexers, network interface controllers, wireless network interface controllers, ISDN terminal adapters and other related hardware.

Networking Hardware-Other

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).