I am having an issue with traffic going to a WAN incorrectly. I have a slow DSL connection on WAN1 dedicated for four Xboxes. Every so often, I catch my laptop using this WAN for some “Apple” service.
192.168.20.89 is the IP that should not be in this list…
I have 4 outbound policies and they are ALL “enforced” rules. Is there something special about port 5223 TCP?
Rule 1 - Guest VLan (non-DSL) enforced
Rule 2 - Xboxes port 80 (non-DSL) enforced
Rule 3 - Xboxes non-port 80 (DSL) enforced
Rule 4 (default rule) - Any IP Any Port (DSL) enforced
From what I understand about firewalls, the only rule that should have matched would be rule 4 (default) and it should NOT be going out my slow DSL connection.
Would it be possible to get a list of the “hidden” outbound policies that force traffic down WAN1? Is the general rule of thumb to use WAN1 for non-priority traffic?
I don’t think this is the same issue, Rick-DC. None of my links have gone down in quite some time. This behavior is more like the SIP and IPSec NAT-T settings. The only difference is that I cannot see an option to allow me to route the traffic the way I want it routed.
The problem is that my DSL connection is just barely capable of running the games that it was purchased for - when this rogue process chews up bandwidth, I see issues in the game.
It looks like TCP 5223 is for Apple push notifications.