Gargoyle NAT 'leaking' port 443?
Posted: Mon Mar 07, 2016 3:18 pm
Hello
Hoping I can describe this without pictures, we will see...
So, my provider's equipment has a firewall built in that I've disabled -except- that all outbound traffic must come from the IP of the Gargoyle router (to prevent people from removing the Gargoyle router and plugging something else in). Since that's the only device attached to the provider's equipment, it shouldn't be a problem.
I happened to review the firewall logs on the provider's equipment, and interestingly enough, I'm seeing lots of dropped packets, all with source IPs from the Gargoyle's private network and -only- for things going to port 443. For example:
TCP Packet - Source:192.168.1.33,52167 Destination:xxx.xxx.xxx.xxx,443, 10:59:04, 2016-03-07
Why would anything from the Gargoyle router go out to the 'public' side with a private IP address on it? Or is there a known issue here? I use HTTPS sites all the time, and they work, so I don't think all packets have this issue (or I'd not be able to get to any HTTPS site) but something odd is happening.
Wondering if this could be a problem in how I have Gargoyle configured but I don't know where it would be.
I'm more than happy to set up some test/debug/dump firewall rules/configs/etc if that helps solve the problem (if there is one). I'm currently running 1.9.0 with a Netgear WNDR3800.
Thanks!
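A way to check the "only port 443" observation across a whole log export, as an added example that is not part of the original post: it parses lines in the layout of the one entry quoted above and counts dropped packets that still carry an RFC 1918 source, grouped by destination port and by LAN host. The log layout is assumed from that single quoted line, and the sample entries and addresses are constructed.

```python
import ipaddress
import re
from collections import Counter

# RFC 1918 ranges: source addresses that should have been rewritten by NAT.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Layout assumed from the single log line quoted in the post.
LINE_RE = re.compile(
    r"^(?P<proto>\w+) Packet - Source:(?P<src>[\d.]+),(?P<sport>\d+) "
    r"Destination:(?P<dst>[\d.]+),(?P<dport>\d+), "
    r"(?P<time>[\d:]+), (?P<date>[\d-]+)$")

def leaked_packets(lines):
    """Yield (proto, src, dport) for entries whose source is RFC 1918."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not in the expected layout
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # e.g. an octet above 255
        if any(src in net for net in RFC1918):
            yield m["proto"], str(src), int(m["dport"])

def summarize(lines):
    """Count un-NATed packets per (proto, dest port) and per LAN host."""
    by_port, by_host = Counter(), Counter()
    for proto, src, dport in leaked_packets(lines):
        by_port[(proto, dport)] += 1
        by_host[src] += 1
    return by_port, by_host

# Constructed sample; addresses are documentation ranges, not real hosts.
SAMPLE_LOG = """\
TCP Packet - Source:192.168.1.33,52167 Destination:203.0.113.10,443, 10:59:04, 2016-03-07
TCP Packet - Source:192.168.1.33,52170 Destination:203.0.113.10,443, 10:59:09, 2016-03-07
TCP Packet - Source:192.168.1.40,40112 Destination:198.51.100.25,443, 11:02:31, 2016-03-07
TCP Packet - Source:198.51.100.7,33012 Destination:203.0.113.10,80, 11:03:00, 2016-03-07
unrelated line in another format
"""

if __name__ == "__main__":
    ports, hosts = summarize(SAMPLE_LOG.splitlines())
    for (proto, dport), n in ports.most_common():
        print(f"{proto}/{dport}: {n} dropped packet(s) with a private source")
    for host, n in hosts.most_common():
        print(f"{host}: {n}")
```

The per-host count shows whether one LAN client or all of them are affected, which narrows where to capture traffic on the router next.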