I have noticed some odd NAT entries, and cannot explain them. The static translation is:
ip nat inside source static 192.168.0.222 111.111.111.111
There is an inbound ACL on the WAN interface that only allows a few standard ports. Yet I see translations like:
Pro Inside global Inside local Outside local Outside global
tcp 111.111.111.111:42658 192.168.0.222:42658 189.1.169.195:40569 189.1.169.195:40569
If the ACL is checked before NAT, why am I getting random ports from some ip address in Brazil(this router in in the USA and has no business connecting to any other country)? Port 48139 isn't allowed, so how can there be a translation? The only ports that 192.168.0.222 ever initiate a connection to are 80 and 443.