1 Reply Latest reply on Sep 23, 2012 9:20 PM by Pritish

    Trusted Network detection fails on large subnet mask

      I am a end user of the SaaS Endpoint product ( Firewall Engine 14.4.0.503 ) and have noticed a behavor with the detection of Trusted Networks that conserns me.

       

      I use a wireless network for work and every moring I receive notice that I'm on a different network and asks if I want to trust this network.

       

      The Wifi network here has a very large subnet mask (255.255.128.0) so I get a IP address from all over every day. I notice that if I hover my mouse over the warning, it shows the network IP address as 192.168.111.X ( the 111 part is different every day)

       

      What worries me is that it looks like the firewall module is ignoring the subnet mask when determining if the network is trusted and assumes the mask is 255.255.255.0

       

      Generaly, I would never think IP address should be the only items used in the determination that a network is truted, It should use the MAC address of the gateway. I'm likely to have a few 192.168.1.X networks I trust and don't trust, but the MAC addresses are different (and yes I know a hacker could fake that too)