DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Can't get filter rules working

More
03 Nov 2014 14:23 #81633 by bienvenum
Can't get filter rules working was created by bienvenum
NO matter what I try I cannot get filter rules to work.

I am trying to block all SMTP out of my network apart from our email server.

I have tried creating Call and data filter rules as follows (in this order)

Block Source of the complete subnet for SMTP with a Action of Block if no further match
Allow source of Email Server for SMTP with an Action of Pass immediately.

However any machine on the subnet can telnet out to email servers.

I am using a 2920vn on firmware 3.6.7.1 which is the latest at the time.

Please Log in or Create an account to join the conversation.

More
03 Nov 2014 15:43 #81636 by marjohn56
Replied by marjohn56 on topic Re: Can't get filter rules working
Hope this is not a silly.. :)

Telnet is a different port - 23, SMTP is port 25.

I assume you are trying to telnet on port 25 and not default 23?

Please Log in or Create an account to join the conversation.

More
03 Nov 2014 16:22 #81639 by bienvenum
Replied by bienvenum on topic Re: Can't get filter rules working
:lol:

Of course I am trying port 25 and not 23

In fact wrt to filter rules if I create a rule that says if port 80 from lan to wan block it doesn't get blocked. No rules seem to be working.

Please Log in or Create an account to join the conversation.

More
03 Nov 2014 16:26 #81640 by sicon
Replied by sicon on topic Re: Can't get filter rules working
it needs to be something like this... (and in data filter top down not call filter)





Please Log in or Create an account to join the conversation.

More
03 Nov 2014 16:59 #81644 by bienvenum
Replied by bienvenum on topic Re: Can't get filter rules working
Hi, thanks for your reply and sorry for maybe asking a simple question here.

First picture you are blocking all SMTP coming from WAN to LAN

Second picture you are calling it allow SBS and have a rule from LAN to WAN with a Source of !192.158.1.8 (what does the "!" signify?) with a block if no further match

Third rule allows from Websense or Sicon coming from WAN to LAN and will pass it through to your mail server on 192.168.1.8

At no point are you blocking any emails from LAN to WAN except from your mail server (unless I am missing something) and that is precisely what we need to do ???

Please Log in or Create an account to join the conversation.

More
04 Nov 2014 09:14 #81653 by sicon
Replied by sicon on topic Re: Can't get filter rules working

bienvenum wrote: Hi, thanks for your reply and sorry for maybe asking a simple question here.

First picture you are blocking all SMTP coming from WAN to LAN

Second picture you are calling it allow SBS and have a rule from LAN to WAN with a Source of !192.158.1.8 (what does the "!" signify?) with a block if no further match

Third rule allows from Websense or Sicon coming from WAN to LAN and will pass it through to your mail server on 192.168.1.8

At no point are you blocking any emails from LAN to WAN except from your mail server (unless I am missing something) and that is precisely what we need to do ???




The 2nd rule is blocking the LAN to WAN traffic > The ! means invert selection and the Ip address is the Exchange Server so it sends SMTP out from that IP only.
The rules block everything internal except the exchange LAN>WAN and only allows SMTP in WAN>LAN from Websense and the Sicon Servers

Please Log in or Create an account to join the conversation.

Moderators: Chris