Netgate Discussion Forum

    Why would a LAN device send traffic specifically to the WAN IP?

      pfWarrior

      pfSense is set to default deny all outbound on the LAN side and allow only what's needed. Upstream from pfSense's WAN is a Verizon ONT. UPnP is disabled in pfSense. Here's what I'm seeing in the firewall logs, not often, but about 10-15 at a time when they occur.

      fwdenied.png

      The source device is an Apple TV and the destination IP is my WAN, which changes with Verizon's DHCP lease. The source port is always the same, but the destination port is always a random high port. Some searching brought up that port 16403 is related to iMessage and iTunes Games. I have/use neither and the ATV works fine for regular video streaming.

      If I make an allow rule, the traffic is passed but my question is, what's happening when something on the LAN specifically is trying to communicate with the WAN address?

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.