Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 2 subscribers
  • Views 5110 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

A lot of SSDP default drop, why?

magnusha
I have some problem figuring out what the cause of the massive SSDP drop on my firewall. Yesterday I had 90 611 dropped packets on the firewall. Anyone have an idea of what causing this issue? I have added some live log if it is to any help. 

Thanks!  
01:09:13	Default DROP	SSDP	  108.162.242.191:80→myip:1900 len=118	ttl=244	tos=0x00	srcmac=XX tmac=XX



01:09:13	Default DROP	SSDP	  66.249.84.248:80→myip:1900 len=118	ttl=244	tos=0x00	srcmac=XX	dstmac=XX



01:09:13	Default DROP	SSDP	 66.249.84.248:80→myip:1900 len=118	ttl=244	tos=0x00	srcmac=XX	dstmac=XX



01:09:13	Default DROP	SSDP	 66.249.84.248:80→myip:1900 len=118	ttl=244	tos=0x00	srcmac=XX	dstmac=XX



01:09:15	Default DROP	SSDP	 5.196.36.119:27015→myip:1900 len=118	ttl=244	tos=0x00	srcmac=XX	dstmac=XX


This thread was automatically locked due to age.
Parents
  • 0
    Excerpts from the full firewall log would be much more helpful.  Do you have a firewall rule to allow the traffic?  Also, please Go Advanced and post a screenshot of the SSDP service definition details you created.  Very unusual to want to allow SSDP from external IPs.  Do you recognize any of those IPs?
Reply
  • 0
    Excerpts from the full firewall log would be much more helpful.  Do you have a firewall rule to allow the traffic?  Also, please Go Advanced and post a screenshot of the SSDP service definition details you created.  Very unusual to want to allow SSDP from external IPs.  Do you recognize any of those IPs?
Children
No Data