G'day,
I have recently acquired the responsibility of looking after our router/firewall. One of my first tasks was to set-up and enable Remote Web Workplace. I have got this working after much trial and error, but am not 100% clear on some of what's happening. Below is part of the firewall log detailing a dial-up access attempt from one of our machines to RWW. I do not understand the multiple access records being shown in it for what I believe is a single-user attempt to gain access to the server.
Subsequent to the log records below, there are five successful log records for access through port 4125 on the server (the RWW port). Could somebody explain (the obvious?) to me?
Firewall Log (Rule 1 is for Port 25 (SMTP) requests, Rule 2 for port
443 (HTTPS) requests):44 Firewall rule match: TCP (W to L, rule:2) XX.10.32.10:3081
192.168.16.2:443 ACCESS FORWARD 45 Firewall rule NOT match: TCP (W to L, rule:1) XX.10.32.10:3081 192.168.16.2:443 CHECK NEXT RULE 46 Firewall rule match: TCP (W to L, rule:2) XX.10.32.10:3080 192.168.16.2:443 ACCESS FORWARD 47 Firewall rule NOT match: TCP (W to L, rule:1) XX.10.32.10:3080 192.168.16.2:443 CHECK NEXT RULE 48 Firewall rule match: TCP (W to L, rule:2) XX.10.32.10:3079 192.168.16.2:443 ACCESS FORWARD 49 Firewall rule NOT match: TCP (W to L, rule:1) XX.10.32.10:3079 192.168.16.2:443 CHECK NEXT RULE 50 Firewall rule match: TCP (W to L, rule:2) XX.10.32.10:3078 192.168.16.2:443 ACCESS FORWARD 51 Firewall rule NOT match: TCP (W to L, rule:1) XX.10.32.10:3078 192.168.16.2:443 CHECK NEXT RULE 52 Firewall rule match: TCP (W to L, rule:2) XX.10.32.10:3077 192.168.16.2:443 ACCESS FORWARD 53 Firewall rule NOT match: TCP (W to L, rule:1) XX.10.32.10:3077 192.168.16.2:443 CHECK NEXT RULE 54 Firewall rule match: TCP (W to L, rule:2) XX.10.32.10:3076 192.168.16.2:443 ACCESS FORWARD 55 Firewall rule NOT match: TCP (W to L, rule:1) XX.10.32.10:3076 192.168.16.2:443 CHECK NEXT RULESet-up: Zyxel router connected to Windows 2003 Server.
Cheers.