Hello,
I'm going round in circles online looking for a solution to this. We have a new XG 210 firewall and I'm struggling to get it to route certain traffic via a layer 3 switch.
Devices on the network have their gateways set to be an interface on the XG. If the device needs to contact something on a separate VLAN it sends the request to the XG which has a static route setup to forward the requests to a layer 3 switch which can route between the vlans. I can ping all the devices on the vlan ok but their web interfaces do not load. When I look in the XG's logs I can see the below "invalid traffic" packets being denied.
messageid="01001" log_type="Firewall" log_component="Invalid Traffic" log_subtype="Denied" status="Deny" con_duration="0" fw_rule_id="0" policy_type="0" user="" user_group="" web_policy_id="0" ips_policy_id="0" appfilter_policy_id="0" app_name="" app_risk="0" app_technology="" app_category="" in_interface="" out_interface="" src_mac="" src_ip="192.168.25.14" src_country="" dst_ip="192.168.26.111" dst_country="" protocol="TCP" src_port="58768" dst_port="80" packets_sent="0" packets_received="0" bytes_sent="0" bytes_received="0" src_trans_ip="" src_trans_port="0" dst_trans_ip="" dst_trans_port="0" src_zone_type="" src_zone="" dst_zone_type="" dst_zone="" con_direction="" con_id="" virt_con_id="" hb_status="No Heartbeat" message="Invalid TCP state." appresolvedby="Signature" app_is_cloud="0"
Any Help Appreciated. Thanks in advance.
Mark
This thread was automatically locked due to age.
