Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems
Jul 24 08 1:48 pm
Hi, I am having an issue with aparently valid packets being dropped - Reason: Spoof Attempt
Problem is, they should be fine and I have had to disable 'Discard spoofed packets' in order for the server monitoring software to get a response back - otherwise my server gets rebooted every 5 minutes due to no response.
Wingate firewall hit report:
Time: 23/07/2008 8:45:23 PM
Reason: Spoof Attempt
Source MAC address: 00-1B-D5-XX-05-XX
Destination MAC address: 00-30-48-XX-34-XX
Source IP Address: 10.5.XX.XX : 48769
Destination IP Address: 67.192.XX.XX : 25
Protocol: TCP
TCP flags: S
Time-to-live: 60
Wingate firewall hit report:
Time: 23/07/2008 2:15:06 AM
Reason: Spoof Attempt
Source MAC address: 00-1B-D5-XX-05-XX
Destination MAC address: 00-30-48-XX-34-XX
Source IP Address: 10.5.XX.XX : N/A
Destination IP Address: 67.192.XX.XX : N/A
Protocol: ICMP
Time-to-live: 60
Any suggestions where I should start?
Jul 28 08 12:23 pm
in WinGate, spoofing means the source address is private and it is received on an external interface.
In your case, with the DMZ being effectively external, but not using public IPs, you'll need to disable the spoof check (which it looks like you've done).
Powered by phpBB © phpBB Group.
phpBB Mobile / SEO by Artodia.