Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
422
Views
0
Helpful
0
Replies

RV-325: Firewall may not be working the way I thought it would

rdk_cisco1
Level 1
Level 1

‎11-11-2020 05:54 AM

I have an RV-325 router (10.0.1.1) connected to two WAN sources: WAN1 and WAN2.  WAN2 (eth2) is an ADSL modem router which forwards all traffic via a DMZ port 192.168.1.29 to the RV-325 WAN2.  I see entries like these in the RV-325 "System LOG" which I do not understand:

 

2020-11-07, 04:50:50 ALLOW TCP 45.129.33.129:58939 -> 192.168.1.29:9206 on eth2
2020-11-07, 04:50:50 ALLOW TCP 45.129.33.129:58939 -> 10.0.1.12:9206 on eth2

 

The first line above seems like the outside address (45.129.33.129) with port 58939 is being passed along to the RV-325 as 192.168.1.29 port 9206.  As far as I can determine the ADSL modem is not supposed to be doing any port translation or port forwarding activities.

 

I'm not at all clear about the second line, except that it looks like the DMZ packet from the ADSL modem is 45.129.33.129 port 58939 which is being sent to the RV-325 modem/firewall and port translated to 10.0.1.12 port 9206. 

 

I have the following port forwarding rules in the access rules in the firewall:

Allow     PiA [9206]     WAN2     Any     10.0.1.12 ~ 10.0.1.12    Always
Deny     PiA [9206]     WAN1     Any     10.0.1.12 ~ 10.0.1.12     Always

 

Is this unwanted traffic actually arriving at the 10.0.1.12 port 9206?  Thanks....RDK

 

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents