
RVS4000 Router - Port forwarding problems

Gene_Laoyan
Level 1

I added an alternate RDP port number for a machine. Port 8080, rebooted the server. I set port forwarding of the public side 8080 to the private side 8080 to 192.168.1.100. It works one day, and the next it stops. When I try to RDP from work to my forward IP it fails. But if I try from within the firewall LAN it works, and THEN it starts to work from my RDP session at work. Weird. Anyone encounter the same thing? I just bought this router 2 days ago.

I did notice in the "Basic settings" area that port 8080 is used for "Remote Management" but neither the option "Enable" nor the option "Disable" is selected.

Should I disable it?

26 Replies

"Sidenote: Why isn't there a logoff on the router's admin page?"

Yes.



OK, this morning it was up and down (all ports) a few times. I finally logged in via RDP right now.

Which logs do you want?

/Gripe: Why does the viewing of the logs start from the beginning of the log? Most start at the last or at least scroll. This "Next Page" button thing is driving me nuts.

UPDATE:

So far, it looks like if I stay connected it's solid. I'm going to disconnect now and see what happens in an hour.

We should get a good idea of what is going on from the "Firewall", and "System" logs. If the router is denying connections we should be able to see that with those two logs. This is really random, as I have not been able to replicate your problem. If this continues, having your config file would be helpful. Just change passwords, and private info before you back up the configs to send or post.

OK, this morning I was able to get in and all ports worked.

Pardon my ignorance but how do I save the logs to a text file? Remember, I have never used this router before.

"If the router is denying connections we should be able to see that with those two logs."

Funny you mention that. I had 5 IPs in my log, traced all 5 back to China. So last night I blocked the entire inetnum range with the "IP Based ACL".

IPS reports the following...

Attacker
No   IP Address        Frequency
1    221.195.73.68     14
2    125.65.112.161    8
3    210.83.80.190     6
4    218.24.197.194    4
5    218.6.15.138      3

Attacked Category
No   Category          Frequency
1    DoS / DDoS        46
2    Buffer Overflow   1
3    Access Control    0
4    Scan              0
5    Trojan Horse      0
6    Other             0
7    P2P               0
8    IM                0
9    Virus Worm        0
10   Web Attacks       0

At 10:01am today I just lost connection. My RDP session just stopped. But I can still get to my neighbor's and he has a Belkin something router. I can connect to his machine/server via RDP. We have the same ISP/Carrier.

OK, so I am going to get back on my soap box and yell at you again.



Remove altogether any reference on the external side that has to do with anything, port forward, port trigger, etc. that references a well known port. I know you may still need to leave 443, 25 as is; so for those, make sure your server is locked nice and tight. Port 8080 (not meaning to sound rude) is a typical web port, being for UIs or not. Turn that off. What they are doing (most likely) is a port scan, and they see 8080 as an available port. Because it is 8080, DoS and buffer overflows are typical webserver attacks. Since that port is also being forwarded to your server for RDP, if they figure this out, that will put your server in a very dangerous situation.

I am glad to hear that you hard coded those addresses on your router, very smart. The bummer part is that those are only a tiny slice of addresses that may pose a threat. If you are running an email server and use a service like Postini, make sure that you have rules in the firewall that only allow mail to and from the Postini servers, and nowhere else. For FTP, I would either turn it off, or just give people access to it only when needed. If you use it all the time, then make rules that would only allow your IP to access it. I am sure that we have other denied connections that may also reference port 8080 directly.

Keep us posted.

EDIT:

Your above post said that you were able to RDP to your friend's box with no problem; I am not surprised. I have never thought the problem to be on your machine. There is no question the router is either denying the connection, or just getting confused. With the added info of your IPS log, I believe the router may be seeing the RDP connection on 8080 as an attack. If so, we should have log entries.

OK, as soon as I can connect back I will disable all but one port forwarding port and use a not so common port number for my RDP. I'll let you know when it's done.

As of 11:27 now I can not connect.

Go through all your logs as well and post pertinent info. This is nutty but we will get it stable.

Well....

I finally got in but my logs rolled over and wrote over the times I knew I lost connection....lol.

So I did as you asked and shut down all port forwarding except my super special top secret port I am using to RDP.

It's the weekend so I don't know when I will be able to check remotely if I lose connection.

Also, in the IPS | Report, how is that graph read? The times don't appear to correlate with the current time.

As of today, I can not connect to my system from the WAN side. This is "End Game". Returning the router and getting the Netgear model I tested that worked.

Thanks all.

I am really sorry to hear that. I hope you at least tried to call tech support before you threw in the towel. It really just seemed like we had some random misconfiguration on the router somewhere. Please let us know if there is anything we can do.