Strange behavior with ATT gateway in IP Passthrough
-
Hi all,
New to the Netgate and pfSense world and have been learning a ton.
I currently have my Netgate 5100 behind the ATT gateway in IP passthrough mode.
My ATT gateway is at default IP 192.168.1.254, and I have been seeing it show up on my WAN interface firewall logs.
WAN Block private networks from WAN block 192.168/16 (12004) 192.168.1.254 224.0.0.1 IGMP
WAN Block private networks from WAN block 192.168/16 (12004) 192.168.1.254:1377 192.168.1.255:137 UDP
Is this something I should be concerned with? What is recommended to do in this situation?
TIA!
-
@code4food23 That seems pretty common in my experience. See this for example. In the log settings you can uncheck "Log packets blocked by 'Block Private Networks' rules" and/or "Log packets matched from the default block rules in the ruleset" if desired, to clean the logs up, which is what I do.
-
@steveits Thanks a lot! Didn't know I had the option to uncheck those. Would you also uncheck the logging of 'Block Bogon Networks' rules?
Also, so my ISP's gateway showing up on the WAN side isn't something I need to be worried about? Is this because from the POV of the firewall their router is on the WAN side?
-
@code4food23 Your router is on the AT&T router's LAN. You can actually still browse to its IP. The bogon list is unallocated IPs, so that's a bit different; it's up to you whether to log that. Those are probably more rare. Usually when I set up a router I turn off the default blocks as it tends to fill the logs, and turn them on when I need to track down a connection error.
-
@steveits said in Strange behavior with ATT gateway in IP Passthrough:
Your router is on the AT&T router's LAN.
So is this why it was appearing on the WAN interface logs?
& Thanks for the suggestion, my firewall logs sure look so much cleaner, and it's mind-blowing to see how many IPs are getting blocked by pfBlocker.