Hello guys
I have a fairly basic setup with the EdgeRouter Lite. I am using this box with primarily one port forward rule - to open RDP to the internet.
I'm checking the Windows Event Viewer and I am seeing lots of failed authentication attemps, so I was wondering if it's possible to pull the Firewall logs so I can see which IP address this is coming from, and then create a rule on the EdgeRouter to block that IP address.
I'm coming from a Sonicwall so working with the EdgeRouter is a bit unusual for me, but any help is appreciated.
Thank you!