How to stop **SYN Flood** (from WAN Outbound) router errors ?
Some SMC Barricade, Belkin, Phillips and other NAT routers with firewall protection may often report warnings of the sort:
**SYN Flood** 192.168.1.x, [port#]->> 192.168.x.x, [port#] (from ATM Outbound)
**SYN Flood to Host** 192.168.x.x, [port#]->> [external IP], 80 (from WAN Outbound)
**SYN Flood (per Min)** 192.168.x.x, [port#]->> 192.168.x.x, 135 (from ATM Outbound)
The culprit is often the number of connections that your web browser keeps open when accessing some websites (Google Maps, for example). Some routers are configured to trigger a SYN FLOOD warning when you open more than 10 connections and block requests. This has the side-effect of web pages that do not fully load.
The setting that needs to be checked in your NAT router is found under:
"Advanced Setup --> Firewall --> Intrusion Detection" (SMC) or
"Security --> Firewall --> Intrusion Detection" (Phillips) and is called:
"Maximum incomplete TCP/UDP sessions number from same host"
Increasing this from the default of ~10 to 50 should fix most common issues.
Note: Pay close attention if the triggered syn flood warnings are from outbound source, you may want to check our ports database to see what port is being used, who is using it and why, before changing the settings.