Running a 620 with ver 6.2.1.5
RAP eth0 (no config) directly connected to cable modem, with at least one eth1 network split tunneling. Are there any known vulnerabilities for this deployment model? NOTHING should be allowed IN (with no established session) correct? Do the NAT ports get selected randomly?