NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
NAS Connecting to Unknown IP
My router shows that my ReadyNAS is initiating a TCP outbound connection to the following IPs: 206.16.42.240:443 206.16.42.239:443 I have no idea what these IPs are and have been unable to find...
Hi Mitch,
I can only reassure that I connected the foreign IP addresses to be used by ReadyNAS Remote. I guess it needs to login to a remote server hosting the ReadyNAS Remote authentication and tracking servicde to allow ReadyNAS Remote clients to find their way back to your NAS's public IP address (which may change due to your ISP rules, DHCP, et.c). HTTPS (port 443) is used to secure the connection and prevent unauthorized sniffing of the traffic.
If you want to go to bottom with this problem and is unable to get assistance from your vendor of NAS I suggest that you install the SSH add-on and login to it via e.g. PuTTY (freeware SSH client) and type some simple UNIX commands (or call a friend that can provide you with this if you unsure how to do it).
Then use the "netstat" command to trace in and outgoing connections.
The "-c" option causes netstat to loop continously (until you press CTRL-C).
Below is an example from my NAS
The only external connections are MICROSOFT-DS (Windows File Sharing) and SSH to my laptop.
The "-p" option adds the PID/program name responsible for making outgoing connections or accepting incoming.
I believe you will see that the suspected connections you are seeing are caused by leafp2p (something ReadyNAS Remote drags in).
I also believe that you have ReadyNAS Remote and that removing it + rebooting the device will remove these connections.
/f
I can only reassure that I connected the foreign IP addresses to be used by ReadyNAS Remote. I guess it needs to login to a remote server hosting the ReadyNAS Remote authentication and tracking servicde to allow ReadyNAS Remote clients to find their way back to your NAS's public IP address (which may change due to your ISP rules, DHCP, et.c). HTTPS (port 443) is used to secure the connection and prevent unauthorized sniffing of the traffic.
If you want to go to bottom with this problem and is unable to get assistance from your vendor of NAS I suggest that you install the SSH add-on and login to it via e.g. PuTTY (freeware SSH client) and type some simple UNIX commands (or call a friend that can provide you with this if you unsure how to do it).
Then use the "netstat" command to trace in and outgoing connections.
The "-c" option causes netstat to loop continously (until you press CTRL-C).
Below is an example from my NAS
# netstat -p -c
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost.localdo:40091 localhost.localdoma:nut ESTABLISHED2561/upsmon
tcp 0 0 localhost.localdo:54337 localhost.localdoma:ipp TIME_WAIT -
tcp 0 0 localhost.localdoma:nut localhost.localdo:40091 ESTABLISHED2543/upsd
tcp 0 0 MyNAS:microsoft-ds 192.168.0.200:62299 ESTABLISHED20440/smbd
tcp 0 0 localhost.localdo:54336 localhost.localdoma:ipp TIME_WAIT -
tcp6 0 148 MyNAS:ssh ::ffff:192.168.0.:62291 ESTABLISHED20350/0
The only external connections are MICROSOFT-DS (Windows File Sharing) and SSH to my laptop.
The "-p" option adds the PID/program name responsible for making outgoing connections or accepting incoming.
I believe you will see that the suspected connections you are seeing are caused by leafp2p (something ReadyNAS Remote drags in).
I also believe that you have ReadyNAS Remote and that removing it + rebooting the device will remove these connections.
/f
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
