Blocking notifications showing phantom source IP and phantom destination IP
Getting this notification for the last 2 months
Alarm Any.Deny-Trusted-2-Optional-py generated by device T15: Policy Name: Any.Deny-Trusted-2-Optional-00 Source IP Address: 192.168.27.38 Source Port: 51687 Destination IP Address: 10.0.2.102 Destination Port: 7680
I have a LAN with 3 computers permitted access to a file server on an optional network only on 3 SMB ports and on ports 80 and 443. Ports 80 and 443 are permitted only because Microsoft systems verify the validity mapped drives and shortcuts by attempting connections on 80 and 443 and I didn't want the workstations blocked because of this traffic.
There is no device with IP 184.108.40.206 on the LAN and there is no device with IP 10.0.2.102 on the optional network. Port 7680 is the Window Update delivery optimization port.
These alerts come every few days, but today there were about 10 alerts in a 30 minute period.