I have one specific 2008 R2 server that is set up in the following fashion using port forwarding to a protected subnet.
192.168.100.4 (main server IP) 192.168.100.60 -> 192.168.103.xx 192.168.100.61 -> 192.168.103.xy 192.168.100.62 -> 192.168.103.xz I'm running the 2.7 OSSEC client. Ever since I added these secondary IPs and the port forwards I'm not able to connect to the server. The error in the log is "ossec-remoted(1213): WARN: Message from 192.168.100.60 not allowed." The 192.168.100.4 is the first IP binding on the interface. Is there a way to specify in the ossec.conf client side to specify the local IP to use, or any other resolution for that matter? -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
