Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

Access rules and logging

ittech99ittech99 Newbie ✭
in High End Firewalls

Hi,

I´m trying to log outgoing smtp connection attempts without any luck.

I have a working access rule, LAN to WAN. Deny port 25

sw access rule.png

Under Log settings I assume the LAN TCP Deny would correspond to the Deny rule but as you can see it shows 0 matches:

Log Settings, Network, TCP

sw logging.png


What am I missing here?

Category: High End Firewalls
Reply

Answers

  • shiprasahu93shiprasahu93 Moderator

    Hello @ittech99,

    I tried to test something similar. I get logs as 'TCP connection dropped' which is an event under Network -> TCP -> TCP Packets dropped. The notes tells that it is not allowed by a policy. You can change this to alert level for better visibility. By default it is on Inform.

    Sample log message:

    image.png

    Log setting:

    image.png

    I hope that helps.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • SaravananSaravanan Moderator

    Hi @ITTECH99,

    You should see the logs for the SMTP - TCP 25 dropped packets in SonicWall as "TCP connection dropped" as shown below,

    Logs.JPG

    Please make sure you have the Log Sub Category "TCP Packets Dropped" under Network | Network Access | TCP as shown below,

    Log Settings.JPG

    Hope this helps.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

Sign In or Register to comment.