Even though I have an internal to internet IPv4 and 6 rule I still get
Default DROP | STUN |
Any clue how to allow STUN even though it's not an option to allow like TCP/UDP/ICMP etc.?
I tried an Internal to Internet IPv4 and 6 any service rule and it still comes back with Default Drop STUN, as if it was a protocol to select to allow like TCP/UDP, but there is not a service to select that exists.
Hi Alex and welcome to the UTM Community!
Alone among the logs, the Firewall Live Log presents abbreviated information in a format easier to read quickly. Usually, you can't troubleshoot without looking at the corresponding line from the full Firewall log file. Please post one line corresponding to the one above. If you prefer, obfuscate IPs like 84.XX.YY.121, 10.X.Y.100, 192.168.X.200 and 172.2X.Y.51. That lets us see immediately which IPs are local and which are identical or just in the same subnet.
Cheers - Bob
Thanks Bob for getting back to me. I am wondering how I find out what app 477 is?
2021:12:05-13:23:58 ulogd[21641]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x1dd" app="477" srcmac="2c:fd:a1:bb:1e:24" dstmac="00:15:17:b1:e3:af" srcip="192.168.X.108" dstip="61.X.X.107" proto="17" length="128" tos="0x00" prec="0x00" ttl="64" srcport="62115" dstport="62118"
To make this easier I am just running through the tests at this site.
https://test.webrtc.org/
Once you hit test you should see the same STUN traffic that fails.
proto="17" means it's a UDP service. The manufacturer's documentation should tell you what source and destination ports you need to allow for STUN.
What is 61.X.X.107? If that's the IP of your "External (Address)," this is an internal device trying to communicate with another internal device and you will need a Full NAT or to configure split DNS.
Cheers - Bob
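As an added example (not part of the thread and not Sophos code), this Python script does by machine what the reply above does by hand: it splits full Firewall log lines into their key="value" fields, names the protocol number, and counts drops per flow. The first sample line is the one posted above; the other three are constructed in the same layout with documentation addresses.

```python
import re
from collections import Counter

# IANA protocol numbers commonly seen in packet-filter logs.
PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP", 58: "IPv6-ICMP"}
FIELD_RE = re.compile(r'(\w+)="([^"]*)"')

# First line is the one posted in the thread; the other three are constructed
# in the same layout (documentation addresses, made-up ports).
SAMPLE_LOG = '''\
2021:12:05-13:23:58 ulogd[21641]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x1dd" app="477" srcmac="2c:fd:a1:bb:1e:24" dstmac="00:15:17:b1:e3:af" srcip="192.168.X.108" dstip="61.X.X.107" proto="17" length="128" tos="0x00" prec="0x00" ttl="64" srcport="62115" dstport="62118"
2021:12:05-13:23:59 ulogd[21641]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="192.0.2.10" dstip="198.51.100.7" proto="17" length="128" ttl="64" srcport="50000" dstport="62118"
2021:12:05-13:24:00 ulogd[21641]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="192.0.2.10" dstip="198.51.100.7" proto="17" length="128" ttl="64" srcport="50002" dstport="62118"
2021:12:05-13:24:01 ulogd[21641]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="192.0.2.10" dstip="198.51.100.7" proto="6" length="60" ttl="64" srcport="50001" dstport="443"
'''


def parse_line(line):
    """Return the key="value" fields of one packetfilter line, else None."""
    fields = dict(FIELD_RE.findall(line))
    if fields.get("sub") != "packetfilter":
        return None
    proto = int(fields["proto"]) if fields.get("proto", "").isdigit() else -1
    fields["proto_name"] = PROTO_NAMES.get(proto, f"proto {proto}")
    if "mark" in fields:
        # mark is hexadecimal; in the thread's line 0x1dd is 477, same as app.
        fields["mark_dec"] = int(fields["mark"], 16)
    return fields


def summarize_drops(log_text):
    """Count dropped packets per (fwrule, protocol, srcip, dstip, dstport)."""
    counts = Counter()
    for line in log_text.splitlines():
        f = parse_line(line)
        if f and f.get("action") == "drop":
            counts[(f.get("fwrule"), f["proto_name"], f.get("srcip"),
                    f.get("dstip"), f.get("dstport", "-"))] += 1
    return counts


if __name__ == "__main__":
    for flow, n in summarize_drops(SAMPLE_LOG).most_common():
        print(n, *flow)
```

Grouping by destination address and port rather than source port shows which outbound UDP destinations a rule would have to cover, since the source port changes on every attempt.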
Thanks. Just for others to know what you are talking about:
https://youtu.be/sN-BydioJ00
In this case, if you wanted WebRTC to work for multiple internal peers to talk to each other (assuming we are not using Split DNS), would you need unique ports for each local peer for this to work? https://test.webrtc.org/
Thanks for your help.