I'm getting this message in my firewall network protection log. I have a server hosting a web service for outside clients to acess via port 8085. On the firewall we has a simple DNAT rule setup with the following settings.
Selector: ANY > Port 8085 > External
Destination: Internal Server
Automatic Firewall Rule: No
I have a firewall rule setup of ANY > Port 8085 > Internal Server Allow.
We have had this DNAT and firewall rule setup for years and it has worked fine. Other external clients can access the service just fine, we are only having issues with 1 client. They have a static IP address at the site. In no way does this address even resemble any internal networks on the firewall. How can I get the firewall to stop thinking these packets are spoofed?
Here is the output in the firewall log.
Spoofed packet TCP 166.X.X.X:49564 → (FirewallPublicIP):8085
This thread was automatically locked due to age.
