Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
silviogulbf
New Contributor

Whatsapp call - IPhone trying connect directly to mobile network valid ip address

Hello Administrators!!!

I recently observed behavior in the subject of this message.

Below is part of the traffic extracted with "diagnose sniffer packet command"

 

 2.771287 31.13.71.48.3478 -> 10.1.XXX.XXX.62870: udp 68
2.771716 31.13.71.48.3478 -> 10.1.XXX.XXX.62870: udp 68
2.777748 31.13.67.51.3478 -> 10.1.XXX.XXX.62870: udp 68
2.778070 31.13.67.51.3478 -> 10.1.XXX.XXX.62870: udp 68
6.355758 10.1.XXX.XXX.62870 -> 177.195.98.XXX.56704: udp 44 (Drop, because matched in policy 0)
6.938413 10.1.XXX.XXX.62870 -> 177.195.98.XXX.56704: udp 44 (Drop, because matched in policy 0)
7.522756 10.1.XXX.XXX.62870 -> 177.195.98.XXX.56704: udp 44 (Drop, because matched in policy 0)
8.104866 10.1.XXX.XXX.62870 -> 177.195.98.XX.56704: udp 44 (Drop, because matched in policy 0)

177.195.98.X in this exemple, is the dinamic valid IP from Mobile Network connection on cell phone

Does anyone have any ideas about this behavior?


1 REPLY 1
rtichkule
Staff
Staff

Hello @silviogulbf ,

Seems like there is no matching policy from 10.1.XXX.XXX.62870  to  177.195.98.XXX.56704 for udp port 44.

Use the following command to trace a specific traffic on which firewall policy it will be matching


diag firewall iprope lookup <src_ip> <src_port> <dst_ip> <dst_port> <protocol> <Source interface>

 

BR

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors