Is it possible to log rejected incoming connection attempts

firewall

#1

Is it possible to log unsolicited incoming connection attempts that the router firewall has blocked?

Under the Advanced tab (firmware v7.1) I have set a number of Inbound Firewall rules similar to this one for Telnet.

Others I set were for port 3389 (RDP), port 5900 (VNC), port 2323 (Mirai botnet) and port 443 (TLS). None of them has generated an entry in the Event Log, and the rules have been active for a very long time. The router, a Surf SOHO, is connected to a modem and then directly to the Internet.


#2

This is possible.

  1. Enable NAT Mapping
     • You can do NAT Mapping to one of the devices in the LAN. This allows all incoming connections to reach the device.
  2. Add this firewall rule with Event Logging enabled

Hope this helps.


#3

Thanks, but I am not familiar with NAT mapping. What is the least intrusive or invasive option for NAT mapping? Can it be enabled for a single IP address that is not used by any device?


#4

NAT Mapping will do one-to-one IP NAT (inbound and outbound). You should apply a firewall rule to guard the LAN host after NAT Mapping is enabled. You could do the NAT mapping to a dummy LAN host to achieve your requirement.

Please take note, this is recommended for traffic analysis purposes only.
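The approach described in #2 and #4 (one-to-one NAT to an unused LAN address, then an inbound deny rule with logging) can be reproduced on a Linux gateway, which makes the mechanism clearer. The ruleset below is an added example for illustration and is not Peplink Surf SOHO configuration; the interface names, the 192.168.50.0/24 LAN, the dummy address 192.168.50.250 and the log prefix are assumptions, while the port list comes from the original post. The DNAT in prerouting happens before routing, so the unsolicited packet is forwarded to the dummy host instead of being handled by the router's own stack, and the forward chain can log it before dropping it:

```nft
#!/usr/sbin/nft -f
# Added example (not Peplink configuration): nftables equivalent of
# "NAT map to a dummy LAN host, then deny with logging".
# Assumptions: WAN on eth0, LAN on lan0 (192.168.50.0/24),
# 192.168.50.250 is an address no real device uses.

flush ruleset

define wan = "eth0"
define lan = "lan0"
define dummy = 192.168.50.250
# Ports from the original post: Telnet, Mirai, RDP, VNC, TLS
define probe_ports = { 23, 2323, 3389, 5900, 443 }

table ip fwlog {
    # One-to-one style NAT: steer unsolicited WAN traffic for the probed
    # ports to the unused LAN address so it reaches the forward chain,
    # where the inbound rules are evaluated.
    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;
        iifname $wan tcp dport $probe_ports dnat to $dummy
    }

    chain forward {
        type filter hook forward priority filter; policy drop;
        # Normal LAN-initiated traffic and its replies still flow.
        ct state established,related accept
        iifname $lan oifname $wan accept
        # Inbound deny rule with logging. The rate limit keeps a port
        # scan from flooding the kernel log; anything over the limit
        # still falls through to the drop rule below.
        iifname $wan ip daddr $dummy tcp dport $probe_ports \
            limit rate 10/second burst 20 packets \
            log prefix "INBOUND-BLOCKED: " level info
        iifname $wan ip daddr $dummy drop
    }
}
```

Check the file with `nft -c -f <file>` before loading it with `nft -f <file>`; the logged entries appear in the kernel log (`dmesg` or `journalctl -k`) with the `INBOUND-BLOCKED:` prefix. On Linux the NAT step is optional, because a `log` rule in an `input` chain can record blocked connection attempts addressed to the gateway itself; the dummy-host trick is only needed where, as the thread describes for the Surf SOHO, inbound firewall rules are applied solely to traffic being forwarded to a LAN host. As #4 notes, keep the address unused and the deny rule in place so nothing on the LAN becomes reachable as a side effect.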