reveal IP connection source from bruteforce authentication attempt

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
gaelroma
Posts: 10
Joined: Thu Sep 27, 2018 10:56 am

Re: reveal IP connection source from bruteforce authentication attempt

Postby gaelroma » Tue Oct 16, 2018 9:22 am

Yes I need it , because all machines are virtualized. I have two public IPs one for the web server and one for the mail server. the third public IP is for the firewall...

resuming the NAT configuration:

I access to the firewall with a public IP, then there are 2 rules (NAT 1:1)

External IP Internal IP Destination IP Description
x.x.x.x x.x.x.12 * Mail Server
w.w.w.w x.x.x.10 * Web Server


axslingr
Advanced member
Advanced member
Posts: 87
Joined: Sat Sep 13, 2014 2:20 am
ZCS/ZD Version: Release 8.8.9.GA.3019.UBUNTU14.64

Re: reveal IP connection source from bruteforce authentication attempt

Postby axslingr » Tue Oct 16, 2018 2:53 pm

Gotcha. I'm out of ideas then. I've never seen Zimbra log connections from the private side of pfSense, especially if no other nat or static routing modifications have been made.

Lance
User avatar
L. Mark Stone
Elite member
Elite member
Posts: 1893
Joined: Wed Oct 09, 2013 11:35 am
Location: Portland, Maine
ZCS/ZD Version: 8.8.10 Network Edition
Contact:

Re: reveal IP connection source from bruteforce authentication attempt

Postby L. Mark Stone » Tue Oct 16, 2018 3:45 pm

This seems like a pfsense issue at the end of the day.

Does this help?

https://forum.netgate.com/topic/113676/ ... hout-nat/7

Mark
___________________________________
L. Mark Stone
Mission Critical Email - Zimbra VAR/BSP/Training Partner https://www.missioncriticalemail.com/
Zeta Alliance http://www.zetalliance.org/
gaelroma
Posts: 10
Joined: Thu Sep 27, 2018 10:56 am

Re: reveal IP connection source from bruteforce authentication attempt

Postby gaelroma » Wed Oct 17, 2018 7:20 pm

I managed to print real IP disabling Outbound NAT rule generation in pfsense.

Thank you guys!

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 30 guests