RFC1918 Addresses Showing up in Firewall Logs on WAN
-
Is it possible that something on my end is causing this? I do not use the 10.x addresses internally. These started showing up a few weeks ago. Please see attachment.
When I ping the address Verizon says it is unreachable. Is this something I should be worried about?
PING 10.148.83.146 (10.148.83.146) from xx.xxx.xxx.xxx: 56 data bytes
76 bytes from G0-13-2-0.LSANCA-LCR-22.verizon-gni.net (100.41.195.152): Destination Net Unreachable
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 61e7 0 0000 3f 01 d87f 98.112.128.172 10.148.83.146–- 10.148.83.146 ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss2.2.3-DEVELOPMENT (amd64)
built on Sun Jun 21 16:02:12 CDT 2015FreeBSD 10.1-RELEASE-p13
-
Your ISP shouldn't let you get there. It's certainly a bit odd, but I doubt it's anything to be concerned with. It looks like a reply from a HTTPS server to a connection you initiated, but somehow the reply got sourced from a private IP, and made it across the Internet back to you. If we were in an ideal world that shouldn't be possible, but a lot of ISPs don't filter that traffic ingress (or egress at times).
What likely happened is you connected to some HTTPS site whose network was broken in such a way that some server routed replies back without NAT happening to translate it back to the public IP you actually connected to in the first place.
If it continues, it's worth investigating what's happening. If not, don't worry about it.
