Netgate Discussion Forum

    RFC1918 Addresses Showing up in Firewall Logs on WAN

    • cwagz

      Is it possible that something on my end is causing this?  I do not use the 10.x addresses internally.  These started showing up a few weeks ago.  Please see attachment.

      When I ping the address Verizon says it is unreachable.  Is this something I should be worried about?

      PING 10.148.83.146 (10.148.83.146) from xx.xxx.xxx.xxx: 56 data bytes
      76 bytes from G0-13-2-0.LSANCA-LCR-22.verizon-gni.net (100.41.195.152): Destination Net Unreachable
      Vr HL TOS  Len  ID Flg  off TTL Pro  cks      Src      Dst
      4  5  00 0054 61e7  0 0000  3f  01 d87f 98.112.128.172  10.148.83.146

      --- 10.148.83.146 ping statistics ---
      3 packets transmitted, 0 packets received, 100.0% packet loss

      2.2.3-DEVELOPMENT  (amd64)
      built on Sun Jun 21 16:02:12 CDT 2015

      FreeBSD 10.1-RELEASE-p13
      Capture.PNG

      Netgate 6100 MAX

      • cmb

        Your ISP shouldn't let you get there. It's certainly a bit odd, but I doubt it's anything to be concerned with. It looks like a reply from an HTTPS server to a connection you initiated, but somehow the reply got sourced from a private IP, and made it across the Internet back to you. If we were in an ideal world that shouldn't be possible, but a lot of ISPs don't filter that traffic ingress (or egress at times).

        What likely happened is you connected to some HTTPS site whose network was broken in such a way that some server routed replies back without NAT happening to translate it back to the public IP you actually connected to in the first place.

        If it continues, it's worth investigating what's happening. If not, don't worry about it.

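An added example, not part of either post: one way to triage the situation discussed in this thread is to count WAN log entries whose source is an RFC 1918 address and separate the "reply from a well-known port" pattern from everything else. The log format, the WAN address 203.0.113.10, the port heuristic and the repeat threshold are all assumptions made for this sketch; the sample lines are constructed and are not pfSense's real filterlog layout.

```python
import ipaddress
from collections import Counter

# RFC 1918 private ranges; none should appear as a source on an Internet-facing WAN.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in a simplified, hypothetical format (not real filterlog output):
# timestamp interface action proto src:sport dst:dport
SAMPLE_LOG = """\
2015-06-22T10:01:02 WAN block tcp 10.148.83.146:443 203.0.113.10:51544
2015-06-22T10:01:05 WAN block tcp 10.148.83.146:443 203.0.113.10:51544
2015-06-22T10:02:11 WAN block udp 198.51.100.7:53 203.0.113.10:40000
2015-06-22T10:03:40 LAN pass tcp 192.168.1.20:50000 198.51.100.9:443
2015-06-22T10:04:00 WAN block tcp 172.16.5.9:3389 203.0.113.10:3389
this line is malformed
"""

def split_endpoint(ep):
    """Split 'a.b.c.d:port' into (ip_address, int port); raises ValueError if bad."""
    host, _, port = ep.rpartition(":")
    return ipaddress.ip_address(host), int(port)

def private_sources_on_wan(log_text, wan="WAN"):
    """Count WAN packets with an RFC 1918 source, keyed by (source, kind)."""
    hits = Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 6 or fields[1] != wan:
            continue  # other interface or malformed line
        try:
            src, sport = split_endpoint(fields[4])
            _, dport = split_endpoint(fields[5])
        except ValueError:
            continue
        if not any(src in net for net in RFC1918):
            continue
        # Heuristic (assumption): well-known source port to an ephemeral destination
        # port looks like a reply to a connection opened from our side.
        kind = "stray-reply" if sport < 1024 <= dport else "unsolicited"
        hits[(str(src), kind)] += 1
    return hits

def persistent(hits, threshold=2):
    """Sources seen at least `threshold` times, i.e. the 'if it continues' case."""
    return sorted(src for (src, _), n in hits.items() if n >= threshold)

if __name__ == "__main__":
    for (src, kind), n in private_sources_on_wan(SAMPLE_LOG).items():
        print(f"{src:15} {kind:12} {n}")
```
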
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.