An attack Wan to Lan on Zywall 5

cicco Posts: 1  Freshman Member
edited April 2021 in Security
Good morning,
in my windows active directory, some users are disabled as if someone tried to force the password. I thought of an attack from the outside. I have a Zywall 5 and some public ip. The NAT (M-1) output is enabled for all clients from to on a public ip y.y.y.10 and for a machine I have a NAT 1-1 from to y.y.y.11. I've always had attempts to access Wan to Wan to ip y.y.y.11 over the years. Now, in the firewall logs I see Wan to Lan attempts from some ip to I do not understand how it's possible to see an ip of the lan from the outside. Can you help me?


All Replies

  • Jeremylin
    Jeremylin Posts: 166  Master Member
    First Anniversary First Answer First Comment
    The log should show remote user's Wan IP to Zywall5's Wan IP not Lan IP.
    Could you show me the screenshot of this case for checking. I think you need to hide part of IP information for security reason:)

Security Highlight