4. Subnet issue

Subnet issue

  • T

    Traffic shows up in firewall log and its on the same subnet 255.255.252.0 (192.168.10.111:515 192.168.8.24:51162) Any ideas why this would be happening or how to eliminate it? I can't notice a problem other than about 3 times a minuet a new log entry is created as blocked.

    0
  • T

    255.255.252.0 (192.168.10.111:515      192.168.8.24:51162)

    The first bolded port number is a printer spooler service port. The second bolded port number is a random port above 1024 just to keep an established session on port 515, no need to worry about that. Do you have a print server or print sharing enabled on IP address 192.168.10.111 or 192.168.8.24?

    0
  • C

    only way for that to show up like that is if it's destined to the MAC of the firewall, or broadcast. The latter is highly unlikely. Seems likely the 192.168.10.111 device has a wrong subnet mask on it so it's trying to send that traffic via the firewall, not recognizing 192.168.8 as local.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy