If I turn on logging/blocking of invalid forward traffic in this intermediate router I get a lot of packets that seem to be legit but are being marked as invalid.
For now I am allowing it in case it causes problems for our customers so I hope someone might be able to explain why I am seeing this.
To clarify this router is running PPPoE Server serving public IPs to PPPoE customers. Each customer is running their own consumer grade firewall and NAT
The router in the screenshot is not doing any NAT
The traffic looks legitimate so I am trying to establish why it is being marked as INVALID.
Why are these packets invalid?
You do not have the required permissions to view the files attached to this post.
Re: Why are these packets invalid?
Those ack,fin and rst are package sent by the other side to end the established connecting, that is considered by your Mikrotik already as ended.
These packets are coming in now and are bouncing off because nobody is waiting to welcome them.
These packets are coming in now and are bouncing off because nobody is waiting to welcome them.
Re: Why are these packets invalid?
Thank you for the reply, I am not clear what you are mean though or if it is normal or not?
The majority of these packets come from my customer side (PPPoE clients) attempting to reach outside (internet) addresses
The majority of these packets come from my customer side (PPPoE clients) attempting to reach outside (internet) addresses
Who is online
Users browsing this forum: No registered users and 46 guests