I have a new Surf SOHO I just setup in my network. It sits inside a pfSense firewall that uses Nord DNS servers. In the pfSense firewall traffic I see the SOHO trying to connect to 126.96.36.199 and being blocked by Snort with a notice: “PROTOCOL-ICMP Unusual PING detected”.
Why is the SOHO trying to connect to Google? I tried setting the DNS and Health Check DNS to the Nord servers and it didn’t make a difference. I gave the SOHO a static IP and it’s still the same.