After updating to the latest version I have been noticing these blocked attempts every hour. I was a bit worried as I was unable to find anyone else with this issue.
Is anyone else using the PUBLIC firewall and having this issue?. I have made no hardware or software changes since the last Norton update
The IP address that is being blocked is coming from
OrgName: Amazon.com, Inc.
OrgId: AMAZO-4
Address: Amazon Web Services, Inc.
Address: P.O. Box 81226
City: Seattle
StateProv: WA
PostalCode: 98108-1226
Country: US
RegDate: 2005-09-29
Updated: 2022-09-30
Comment: For details of this service please see
Comment: http://ec2.amazonaws.com
Ref: https://rdap.arin.net/registry/entity/AMAZO-4
May we suggest, changing your network to Private and rebooting, then recheck. Additionally, is your connection WiFi or via Ethernet? I have IPv6 disabled at my routers and devices because its not a widely used protocol yet. Most ISP’s don’t require it as well. Pinging IPv6 if from outside is another device testing the connectivity of your device front facing the internet. That itself can be of concern, however, your history entries show its being blocked as the default rules in Norton firewall are hard coded for. Please review the screenshot below.
I am aware that changing to private allows these pings to go through and not be blocked. I looked at the Public VS private firewall settings and confirmed this. So to fix the problem I need to change to a private network which I don’t want to do or add a rule that allows those pings in a public network.
I ran a malware bytes scan a hit man pro scan and all the Norton scans and found nothing. I am going to restart my router as it’s been on for 3 months and see if that might be the issue.
@Mykola You may also want to check your Public network exceptions. Without creating a new rule I’m not sure changing these will make a difference. You can test and see what your results may be.
Why are you seeing these entries? Some outside device is probing your IPv6 connections. Norton is preventing that as your router firewall is rendered moot.
I don’t use IPv6, period for that reason and certainly not on a public network setting. Actually, being totally honest, I don’t see why you are using a public setting on ethernet, within your personal network. Below is the ONLY scenario where I would ever suggest using a public network setting within a private network. Its basically getting end-to-end connectivity and HOPING, your router firewall protects you. NAT transitioning is also waved in the process. I personally opt for the better protections private networking provides. Your mileage will vary based on your needs.
AI Overview
Using IPv6 with a “public” home network means devices get globally routable addresses, eliminating NAT, but requires a stateful firewall on your router for security, allowing only outgoing connections and return traffic for established sessions, not direct unsolicited access. This is the intended design of IPv6, giving each device a public IP while relying on the gateway firewall for protection, similar to how IPv4 uses NAT for security but without the address scarcity, allowing for true end-to-end connectivity.
Key Concepts
Public IPv6 Addresses: Your ISP assigns your router a block of public IPv6 addresses (a /64 prefix), and your internal devices use these directly, not private ones.
No NAT: Network Address Translation (NAT) isn’t needed because addresses are plentiful, restoring direct device-to-device communication.
Stateful Firewall is Key: Your router acts as a firewall, tracking outgoing connections and only allowing incoming packets if they are part of an established session.
How It Works
ISP Provides Prefix: Your Internet Service Provider gives your router a large block (e.g., a /64) of public IPv6 addresses.
SLAAC/DHCPv6: Devices auto-configure their own unique public IP within that block using Stateless Address Autoconfiguration (SLAAC) or DHCPv6.
Router Firewall: The router inspects all traffic; it permits outgoing requests (like browsing) and lets the responses back in, but blocks unsolicited incoming connections (like someone trying to access your PC directly).
Security & Configuration
Enable Stateful Firewall: Ensure your router’s firewall is on and configured to allow outbound traffic and track connections (often called “Stateful Inspection” or “Connection Tracking”).
Block Unsolicited Inbound: By default, the firewall should block new incoming connections from the internet unless they’re a response to an internal request.
RFC 6092: Look for routers that support the “Simple Security” recommendations (RFC 6092) for better built-in IPv6 security.
Why It’s Better
Simpler & Faster: No complex port forwarding or NAT headaches.
End-to-End: Restores true end-to-end connectivity, making peer-to-peer apps work better.
In essence, you use IPv6 “publicly” at home, but your router’s firewall keeps it “private” by acting as a security gatekeeper, just without NAT.
You’re most welcome. I’m not sure if going private will “fix” the issue, Norton most likely won’t even see the pinging in private mode though. My preference is having NAT translation within the network because having it at the router level prevents issues before we ever see them occur. Hoping that makes sense in a layman’s term way. Allow the hardware/software we use to do as it was designed for and stay safer. Please follow-up with the results so we will know the issues doesn’t persist for you.
