02-02-2017 11:06 AM - edited 03-08-2019 09:09 AM
Our captured traffic shows destination port UDP 3544. (The default port for Teredo tunnels is UDP 3544.)
The destination addresses have private addresses (10, 172 and/or 192 and 13.92.90.48, which resolves to Microsoft).
Because we have dynamic NAT/PAT set up on the border firewall, outbound traffic gets a new public source address but the destination IP is still private.
Can we safely assume that unless we have twice NAT set up on the border firewall, any traffic egressing the border firewall is dropped due to the private destination address?
Thanks
Frank
02-02-2017 11:57 AM
This firewall connects to the Internet? If so, you should not be sending packets out of the firewall with private IP addresses as either the source or destination. They won't be routable on the global Internet.
02-02-2017 12:01 PM
I know, and that is part of the problem. The packet capture shows data is being transferred - 1000s of packets - but I cannot understand how this is taking place when src/dst are RFC 1918 addresses.
Having a NAT technology that NATs both src/dst to a public address is the only thing I can think of.
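An added example, not part of the thread: one way to triage a capture like the one described, counting UDP 3544 packets per destination and separating private destinations (not routable on the Internet) from public ones. The capture lines are constructed in a tcpdump-style text layout; only the port and 13.92.90.48 come from the posts, and `triage_teredo` is a hypothetical helper name.

```python
import ipaddress
import re
from collections import Counter

TEREDO_PORT = 3544  # default Teredo UDP port, as stated in the thread

# Constructed sample lines (tcpdump-style text), not the thread's real capture.
SAMPLE_CAPTURE = """\
11:06:01.000001 IP 10.1.1.20.51000 > 10.200.5.9.3544: UDP, length 61
11:06:01.000210 IP 10.1.1.20.51000 > 172.16.40.7.3544: UDP, length 61
11:06:01.000420 IP 10.1.1.20.51000 > 192.168.77.3.3544: UDP, length 61
11:06:01.000630 IP 10.1.1.20.51000 > 13.92.90.48.3544: UDP, length 61
11:06:02.000100 IP 10.1.1.20.51000 > 13.92.90.48.3544: UDP, length 61
11:06:02.000300 IP 10.1.1.20.52000 > 13.92.90.48.5000: UDP, length 40
"""

LINE_RE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): UDP"
)


def triage_teredo(capture_text, port=TEREDO_PORT):
    """Count packets sent to `port`, split by whether the destination is routable."""
    result = {"private": Counter(), "public": Counter()}
    for line in capture_text.splitlines():
        m = LINE_RE.search(line)
        if not m or int(m.group("dport")) != port:
            continue  # not UDP to the Teredo port
        dst = ipaddress.ip_address(m.group("dst"))
        # is_private covers RFC 1918 and other non-global ranges
        bucket = "private" if dst.is_private else "public"
        result[bucket][str(dst)] += 1
    return result


if __name__ == "__main__":
    summary = triage_teredo(SAMPLE_CAPTURE)
    for bucket, counts in summary.items():
        for addr, n in sorted(counts.items()):
            print(f"{bucket:8} {addr:16} {n} packet(s)")
```

Running it on a capture taken on the inside and again on the outside interface of the firewall shows which of these destinations actually leave the network.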