
Invalid TCP RST

Hi there!

Okay, usually I can work through any errors I find, but this one's got me completely stumped. I've read through the forums, but can't find any solutions to my issue.

Quick setup explanation:

XG Firmware = SFOS 17.0.5 MR-5
LAN Subnet = 10.10.10.0/24
WAN IP Address = 192.168.200.200/24
WAN Gateway = 192.168.200.254

The internet works fine (for the most part), but in the firewall logs, I see these:

As you can see, it's being Denied by Firewall Rule #2, which makes absolutely no sense to me as this is Rule #2:

The Staff LAN network definition is 10.10.10.0/24
The AFT Microwave is their primary connection, and the 4G Dongle is a fail-over (currently not active)
The AFT hardware is forwarding all ports through to the XG to allow us to manage port forwarding, etc (or so we were told)

I have two questions:

1. Why am I getting these errors?

2. Why is this rule even denying this traffic? There's nothing in the rule that should be applying to traffic trying to go from the XG's WAN interface (192.168.200.200/24) to an external IP address.

Thanks in advance!



This thread was automatically locked due to age.
  • Hi Bill,

    The trouble is, once the cat is out of the bag it is hard to put back. I see my MacBook Pro is trying and failing to talk to a Microsoft site and I do not understand why.

    I do not have any MS products active on my MBP; the only application is MS RDP, so why so many failed connections? I did turn the feature off, but that still did not help with the issue raised as per the log entries.

    Ian

  • Hi,

    From my point of view, the clients already "talked" to the server.

    The KBA explains why these drops happen, but the communication has already happened.

    As mentioned in the KBA, you are able to deactivate the Invalid Traffic drops.

    Ian, I would recommend that you check your reports regarding the IP from Microsoft. There should be a couple of KB/MB/GB transferred to this server.

    Cheers

  • Hi,

    As far as I can tell, and I have explored the reports extensively, there is no way to tie a user to a download or download site. The reports show total download for that site/URL and total download for a user, and the two totals are unrelated. If you think I am wrong, please point me at the correct report.

    Ian

    Update: a lot more poking of various screen entries and I found the information, 78KB.

  • Same problem here.

    This situation appears with a "big" download within the 2 minutes...

    So conntrack does not seem to be responsible for this.

    Firmware: SFV2C4 (SFOS 17.0.3 MR-3)

    With a different Apache source for the download, this does not seem to have the same behaviour.

    Will try with the newest firmware.