Cumulus Support

Just an observation I made while poking around in my Router.

There are a lot of concurrent NAT sessions listed between my weather PC & my website host.

Does this appear normal, or is it an indication of so sort of unnoticeable FTP issue?
There's maybe 1/2 dozen more not visible in the image.

Hi Phil, This does not seem normal to me if you don't know where it is coming from. I understand you have more than one machine in your local network, I would shutdown, reboot the router and start up one by one checking where the router starts filling the NAT table. If it does not fill at startup but later (and/or one by one slowly) try to identify and isolate the originating process step by step. Somebody gaming?

HansR wrote: ↑Wed 15 Jul 2020 6:17 am I understand you have more than one machine in your local network,
try to identify and isolate the originating process step by step.

Yeah there's a few devices on the network.
82 entries in my ARP Cache, but admittedly that's over 4 VLANS.
My main subnet has 61 of that total.

Reboots are a bit scarce, with the number of devices & the two VPN that can at times be in use daily.
Current up time on the router is currently 49 days & the WAN has only dropped once 23 days back when I pulled it's plug to untangle a mess....


The source is definitely the Weather PC & it's list of TCP connections looks pretty normal except for the excessive connections to the hosting provider.
Nothing suspicious jumps out.

Somebody gaming?

Not in this house.....!

Don't really hold my hosting service in the highest of regards, but it is the devil I know.
I have had issues with stuck connections in the past.

Other thing is that the routers list may have a degree of persistence.

Make sure UPnP is disabled.

Then go through the list of port forwarding and make sure you intend for those to be open.