Dell Sonicwall - IP Spoof Detection
Posted on 2014-11-17
Sonicwall NSA 4500
X3 SAN network
X4 ISP #3
x5 ISP #5
X1-2 are actually the same ISP, but just have a disjoint subnet with static IP's in compeltely different ranges. These two interfaces connect to a small switch and up to the ISP (radio based)
x5 ISP #4 is business class cable for browsing the internet. No static IPs.
X4 ISP #3 - New ISP via fiber with a ton of static IP's.
Here's my issue. Only on the new X4 (ISP #3) - Any time I setup a NAT (either 1-2-1 or port based) and my firewall rules, nothing works. Went as far as directly attaching a laptop to the carrier's handoff and assigning a static IP and it works.
After some looking around, I am getting
Intrusion prevention IP Spoof Dropped <source> <destiantion> mac: <MAC of the carriers router>
I can resolve this by turning off IP spoof detection on the "hidden" daiag page - but I'd really a)Not like to have to do that b) Have this work as planned.