cpatterson (Aspirant)
May 09, 2017
SRX5308, Maximum Entries Inbound Services
I am running an SRX5308 for one of our clients, managing access to multiple servers from outside their main facility. The simplest method for providing this access to this point has been port forwarding for RDP access. We also have several users who remotely connect to their business desktops via RDP, and we've forwarded their ports appropriately.
Due to the nature of Internet Trolls, we've had to perform several IP range blocks because of hack attempts to the systems. This morning, I ran into a snag where my remote session wouldn't reconnect after adding a couple more IPs to the "Naughty" list. Fortunately, the central location is less than 5 minutes away, so I was able to zoom over and guess at my issue, which seems to have been the sin of using more than 64 Inbound Service rules, whereupon the router just ignored all of them.
Is this an accurate assumption? If so, is there a workaround? If not, can someone point me to a brand that allows more than 64 Inbound services? Thanks!
By the way, if anyone ever comes back to this problem in the future, I got with someone who actually knows what they're doing in Netgear (props to Alex), and this is a shortcoming of this (and likely other Netgear) routers: they can't manage over 64 individual rules.
10 Replies
- cpatterson (Aspirant)
Hello? Anybody home? DaneA, any ideas?
- DaneA (NETGEAR Employee Retired)
Hi cpatterson,
Kindly answer the questions below:
a. Have you double-checked the order of precedence of the Inbound rules that are currently configured on the SRX5308?
b. Have you tried to reboot the SRX5308 then check if all Inbound rules work?
c. Are there any changes made recently within the network setup where the SRX5308 is deployed?
d. What is the current firmware version of the SRX5308?
Regards,
DaneA
NETGEAR Community Team
- cpatterson (Aspirant)
Hi DaneA, thanks for your response.
a: The order of the inbound services is exactly what I need it to be. I am blocking various addresses (the undesirables) before I do any of the port forwarding (required). We found that if you do the port forwarding first, the undesirable addresses get their junk forwarded before they can be blocked, which is, I assume, the point of having a precedence.
b: I have rebooted the SRX5308, but not when I was having the issue. I cannot verify the "blocked" addresses are still blocked (since they source from different countries), but Wireshark doesn't show any additional traffic from my "blocked" locations, and the forwarding works properly. However, once I crossed that "65 services" line, port forwarding stopped working, and I was required to physically visit the location. Once I removed the earliest two "blocked" addresses, the port forwarding started working again. None of this process required a reboot to change state.
c: No other changes are made within the network. I can replicate the issue (it happened once by accident, and once by intention to verify) simply by adding additional services in the SRX5308 past the "65".
d: The current version of firmware on the device is 4.3.4-1. Is there some patch that addresses this limit? The last time I updated the firmware to a Netgear device, it blew out all my added services and I had to scramble to re-add them. I had not done an update, since nothing in the patch notes I read indicated a change to this issue.
- cpatterson (Aspirant)
So, DaneA, any further input? Thanks.