This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Internal IP addresses being identified as Attackers by XG

Hey, everyone. I feel like I may have set up my firewall backwards or something. As seen in the picture, many of my internal IP addresses are being identified as attackers, and external sources are listed as victims. Is this typical behavior?

I have my WAN set up as 10.0.0.X which is pulling its IP from my ISP's modem, and I have my LAN set up for 192.168.1.X. All internal addresses pull an address in this range.

This thread was automatically locked due to age.

Parents

0 FloSupport over 6 years ago

Hey Neil Ford1

Would it be possible to please enable the support access tunnel for your appliance and PM me with the access-ID? I'd like to take a closer look at your configuration.

Thanks!
Cancel
Vote Up 0 Vote Down

Cancel
0 LuCar Toni over 6 years ago in reply to FloSupport

Bet everything on the new Lets Encrypt pattern. Can you show us, which attacks are involved?
Cancel
Vote Up 0 Vote Down

Cancel
0 rfcat_vk over 6 years ago in reply to LuCar Toni

Hi folks,

I used to receive that report a lot until I cleaned up my DNS on the XG.

Do you means this

Attack : SERVER-WEBAPP Lets Encrypt SSL certificate issuer detected

Ian
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 rfcat_vk over 6 years ago in reply to LuCar Toni

Hi folks,

I used to receive that report a lot until I cleaned up my DNS on the XG.

Do you means this

Attack : SERVER-WEBAPP Lets Encrypt SSL certificate issuer detected

Ian
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data