Hello:
I got a network on LAN: 192.168.0.0/24
OpenVPN (road warrior): 10.0.0.0/24 (5 concurrent connections)
I see that there are a handful of hosts like 10.0.0.11, 10.0.0.13, 10.0.0.107, 10.0.0.120, etc.
I want to know how are they showing up. They are tagged with LAN as their source. On System>Routes>Status the 10.0.0.0/24 comes from the OPT1 interface as expected.
How do I go about finding out where these IPs are coming from other than physically unplugging cables from the switch?
Edit: forgot to mention; My biggest concern are the DNS request they are sending to nat.vssnat.net and ets.mny9.com
They seem to be resolving to China IPs.