Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 1579 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Routing some traffice over a backup wan route

baris

Hello,

 

I have 3 WAN connections, 2 of them are internet connections. 1 of them is connected to a special VPN device. I made that WAN a backup, and configure some firewall rules which I want to forward over VPN to that gateway. I can ping both VPN device and firewall interface connected to the VPN device from my computer in LAN. However, it seems that packets are not forwarded to this gateway. When I traceroute to the remote site, it only goes to the firewall not even to VPN device. Strange thing is that all config was working for 2 months; nothing changed on firewall config and VPN device; it suddenly stop working today. Do you have any ideas to resolve/find the problem. Thank you.



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    Please make sure that in firewall rules you have set "Primary Gateway" as your Backup WAN, please place the firewall rules for this communication at the Top position and verify the issue. Please also check the status of Backup WAN as well.

  • 0 in reply to Keyur

    Hi,

    Yes, I have already checked all. Gateway is up, firewall rules are on top. As you can see in the attached screenshot log, packets going in from port 1 which is the LAN interface and going out to port 4 which is the gateway. But nothing arrives in VPN box. This is strange.

     

  • 0 in reply to baris

    Hi  

    In the snapshot I can see the Out Interface marked is Port5 and in the description you have mentioned the Port4.

    Can you please clarify which one is the expected Interface ( VPN one which you have assign in route through gateway in rule) as per your configuration? 

    You may check the traffic or packet request via CLI command:

    console > tcpdump 'host X.X.X.X.

    where X.X.X.X is the destination server or machine IP over VPN ISP line.

    You may generate the PING or generate any traffic from the  source machine behind XG for which you have configured the rule and confirm the packet request is going out via proper ISP define on rule.

  • 0 in reply to Vishal_R

    Sorry, It was a typo error. The port number is port5

    I run tcpdump, as exptected packets going in port1 then out at port5, no problem.

    10:14:30.739230 Port1, ................
    10:14:30.739247 Port5, ......................

     

    From here, I need to be sure that problem is at my VPN device connected to port5. Are there any possibility that sophos does not forward packets as expected or blocking some?

    Thank you.

  • 0 in reply to baris

    Hi  

    To double check on this and to confirm more yo may do the trace route from source machine and if it is showing IP of ISP Port5 then rule configuration is fine.

    If you are observing the communication issue between source and destination you may confirm there is any drop on XG while you are accessing it.

    Command for drop packet

    console > drop 'host X.X.X.X

    Summary : You may check the packet request and drop at the same time while you are browsing.

    If no drop and routing is done via proper ISP then there could be different reason.

    You may share the tcpdump and drop result here in notepad, So  or I may confirm more on same.

  • 0 in reply to Vishal_R

    Hello, thank you.

     

    I have attached text files for traceroute+dump and smtp test+dump. If sophos device is working properly and forwarding packets, I need to check VPN box/gateway. It is not in my control so I cannot look at the traffic/packets on that device.

    Fullscreen telnet-port25-and-dump.txt Download 
    [root@myhost ~]# telnet 149.XXX.XXX.161 25
Trying 149.XXX.XXX.161...

console> tcpdump 'host 149.XXX.XXX.161 and port 25'
tcpdump: Starting Packet Dump
10:44:31.463299 Port5, OUT: IP 192.168.9.101.49108 > 149.XXX.XXX.161.25: Flags [S], seq 1443620852, win 29200, options [mss 1460,sackOK,TS val 42767219 ecr 0,nop,wscale 7], length 0
10:44:32.484692 Port1, IN: IP 192.168.9.101.49108 > 149.XXX.XXX.161.25: Flags [S], seq 1443620852, win 29200, options [mss 1460,sackOK,TS val 42768241 ecr 0,nop,wscale 7], length 0
10:44:32.484709 Port5, OUT: IP 192.168.9.101.49108 > 149.XXX.XXX.161.25: Flags [S], seq 1443620852, win 29200, options [mss 1460,sackOK,TS val 42768241 ecr 0,nop,wscale 7], length 0
10:44:34.490869 Port1, IN: IP 192.168.9.101.49108 > 149.XXX.XXX.161.25: Flags [S], seq 1443620852, win 29200, options [mss 1460,sackOK,TS val 42770248 ecr 0,nop,wscale 7], length 0
10:44:34.490886 Port5, OUT: IP 192.168.9.101.49108 > 149.XXX.XXX.161.25: Flags [S], seq 1443620852, win 29200, options [mss 1460,sackOK,TS val 42770248 ecr 0,nop,wscale 7], length 0
10:44:38.498842 Port1, IN: IP 192.168.9.101.49108 > 149.XXX.XXX.161.25: Flags [S], seq 1443620852, win 29200, options [mss 1460,sackOK,TS val 42774256 ecr 0,nop,wscale 7], length 0
10:44:38.498859 Port5, OUT: IP 192.168.9.101.49108 > 149.XXX.XXX.161.25: Flags [S], seq 1443620852, win 29200, options [mss 1460,sackOK,TS val 42774256 ecr 0,nop,wscale 7], length 0
10:44:46.515029 Port1, IN: IP 192.168.9.101.49108 > 149.XXX.XXX.161.25: Flags [S], seq 1443620852, win 29200, options [mss 1460,sackOK,TS val 42782272 ecr 0,nop,wscale 7], length 0
10:44:46.515048 Port5, OUT: IP 192.168.9.101.49108 > 149.XXX.XXX.161.25: Flags [S], seq 1443620852, win 29200, options [mss 1460,sackOK,TS val 42782272 ecr 0,nop,wscale 7], length 0
10:45:02.546865 Port1, IN: IP 192.168.9.101.49108 > 149.XXX.XXX.161.25: Flags [S], seq 1443620852, win 29200, options [mss 1460,sackOK,TS val 42798304 ecr 0,nop,wscale 7], length 0
10:45:02.546882 Port5, OUT: IP 192.168.9.101.49108 > 149.XXX.XXX.161.25: Flags [S], seq 1443620852, win 29200, options [mss 1460,sackOK,TS val 42798304 ecr 0,nop,wscale 7], length 0
    Fullscreen traceroute-and-dump.txt Download 
    traceroute to 149.XXX.XXX.161 (149.XXX.XXX.161), 30 hops max, 60 byte packets
 1  fw.XXXX.com.tr (192.168.8.254)  0.235 ms  0.213 ms  0.162 ms
 2  * * *
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

console> tcpdump 'host 149.XXX.XXX.161'
tcpdump: Starting Packet Dump
10:42:03.179337 Port1, IN: IP 192.168.9.101.52588 > 149.XXX.XXX.161.33434: UDP, length 32
10:42:03.179461 Port1, IN: IP 192.168.9.101.41317 > 149.XXX.XXX.161.33435: UDP, length 32
10:42:03.179557 Port1, IN: IP 192.168.9.101.44057 > 149.XXX.XXX.161.33436: UDP, length 32
10:42:03.179682 Port1, IN: IP 192.168.9.101.47614 > 149.XXX.XXX.161.33437: UDP, length 32
10:42:03.179687 Port5, OUT: IP 192.168.9.101.47614 > 149.XXX.XXX.161.33437: UDP, length 32
10:42:03.179738 Port1, IN: IP 192.168.9.101.46723 > 149.XXX.XXX.161.33438: UDP, length 32
10:42:03.179742 Port5, OUT: IP 192.168.9.101.46723 > 149.XXX.XXX.161.33438: UDP, length 32
10:42:03.179866 Port1, IN: IP 192.168.9.101.56596 > 149.XXX.XXX.161.33439: UDP, length 32
10:42:03.179870 Port5, OUT: IP 192.168.9.101.56596 > 149.XXX.XXX.161.33439: UDP, length 32
10:42:03.179926 Port1, IN: IP 192.168.9.101.55186 > 149.XXX.XXX.161.33440: UDP, length 32
10:42:03.179928 Port5, OUT: IP 192.168.9.101.55186 > 149.XXX.XXX.161.33440: UDP, length 32
10:42:03.179983 Port1, IN: IP 192.168.9.101.59122 > 149.XXX.XXX.161.33441: UDP, length 32
10:42:03.179986 Port5, OUT: IP 192.168.9.101.59122 > 149.XXX.XXX.161.33441: UDP, length 32
10:42:03.180053 Port1, IN: IP 192.168.9.101.36224 > 149.XXX.XXX.161.33442: UDP, length 32
10:42:03.180055 Port5, OUT: IP 192.168.9.101.36224 > 149.XXX.XXX.161.33442: UDP, length 32
10:42:03.180110 Port1, IN: IP 192.168.9.101.34728 > 149.XXX.XXX.161.33443: UDP, length 32
10:42:03.180113 Port5, OUT: IP 192.168.9.101.34728 > 149.XXX.XXX.161.33443: UDP, length 32
10:42:03.180167 Port1, IN: IP 192.168.9.101.57696 > 149.XXX.XXX.161.33444: UDP, length 32
10:42:03.180169 Port5, OUT: IP 192.168.9.101.57696 > 149.XXX.XXX.161.33444: UDP, length 32
10:42:03.180224 Port1, IN: IP 192.168.9.101.60855 > 149.XXX.XXX.161.33445: UDP, length 32
10:42:03.180227 Port5, OUT: IP 192.168.9.101.60855 > 149.XXX.XXX.161.33445: UDP, length 32
10:42:03.180280 Port1, IN: IP 192.168.9.101.60679 > 149.XXX.XXX.161.33446: UDP, length 32
10:42:03.180282 Port5, OUT: IP 192.168.9.101.60679 > 149.XXX.XXX.161.33446: UDP, length 32
10:42:03.180343 Port1, IN: IP 192.168.9.101.35783 > 149.XXX.XXX.161.33447: UDP, length 32
10:42:03.180345 Port5, OUT: IP 192.168.9.101.35783 > 149.XXX.XXX.161.33447: UDP, length 32
10:42:03.180404 Port1, IN: IP 192.168.9.101.53827 > 149.XXX.XXX.161.33448: UDP, length 32
10:42:03.180406 Port5, OUT: IP 192.168.9.101.53827 > 149.XXX.XXX.161.33448: UDP, length 32
10:42:03.180462 Port1, IN: IP 192.168.9.101.51789 > 149.XXX.XXX.161.33449: UDP, length 32
10:42:03.180464 Port5, OUT: IP 192.168.9.101.51789 > 149.XXX.XXX.161.33449: UDP, length 32
10:42:03.182652 Port1, IN: IP 192.168.9.101.50039 > 149.XXX.XXX.161.33450: UDP, length 32
10:42:03.182655 Port5, OUT: IP 192.168.9.101.50039 > 149.XXX.XXX.161.33450: UDP, length 32
10:42:03.182713 Port1, IN: IP 192.168.9.101.52243 > 149.XXX.XXX.161.33451: UDP, length 32
10:42:03.182714 Port5, OUT: IP 192.168.9.101.52243 > 149.XXX.XXX.161.33451: UDP, length 32
10:42:03.182768 Port1, IN: IP 192.168.9.101.38626 > 149.XXX.XXX.161.33452: UDP, length 32
10:42:03.182770 Port5, OUT: IP 192.168.9.101.38626 > 149.XXX.XXX.161.33452: UDP, length 32
10:42:08.209973 Port1, IN: IP 192.168.9.101.46655 > 149.XXX.XXX.161.33453: UDP, length 32
10:42:08.209991 Port5, OUT: IP 192.168.9.101.46655 > 149.XXX.XXX.161.33453: UDP, length 32
10:42:08.210106 Port1, IN: IP 192.168.9.101.34929 > 149.XXX.XXX.161.33454: UDP, length 32
10:42:08.210109 Port5, OUT: IP 192.168.9.101.34929 > 149.XXX.XXX.161.33454: UDP, length 32
10:42:08.210166 Port1, IN: IP 192.168.9.101.36156 > 149.XXX.XXX.161.33455: UDP, length 32
10:42:08.210169 Port5, OUT: IP 192.168.9.101.36156 > 149.XXX.XXX.161.33455: UDP, length 32
10:42:08.210223 Port1, IN: IP 192.168.9.101.48002 > 149.XXX.XXX.161.33456: UDP, length 32
10:42:08.210225 Port5, OUT: IP 192.168.9.101.48002 > 149.XXX.XXX.161.33456: UDP, length 32
10:42:08.210277 Port1, IN: IP 192.168.9.101.39037 > 149.XXX.XXX.161.33457: UDP, length 32
10:42:08.210278 Port5, OUT: IP 192.168.9.101.39037 > 149.XXX.XXX.161.33457: UDP, length 32
10:42:08.210331 Port1, IN: IP 192.168.9.101.41331 > 149.XXX.XXX.161.33458: UDP, length 32
10:42:08.210333 Port5, OUT: IP 192.168.9.101.41331 > 149.XXX.XXX.161.33458: UDP, length 32
10:42:08.210385 Port1, IN: IP 192.168.9.101.60793 > 149.XXX.XXX.161.33459: UDP, length 32
10:42:08.210387 Port5, OUT: IP 192.168.9.101.60793 > 149.XXX.XXX.161.33459: UDP, length 32
10:42:08.210442 Port1, IN: IP 192.168.9.101.46596 > 149.XXX.XXX.161.33460: UDP, length 32
10:42:08.210445 Port5, OUT: IP 192.168.9.101.46596 > 149.XXX.XXX.161.33460: UDP, length 32
10:42:08.210503 Port1, IN: IP 192.168.9.101.53260 > 149.XXX.XXX.161.33461: UDP, length 32
10:42:08.210505 Port5, OUT: IP 192.168.9.101.53260 > 149.XXX.XXX.161.33461: UDP, length 32
10:42:08.210565 Port1, IN: IP 192.168.9.101.43070 > 149.XXX.XXX.161.33462: UDP, length 32
10:42:08.210567 Port5, OUT: IP 192.168.9.101.43070 > 149.XXX.XXX.161.33462: UDP, length 32
10:42:08.210621 Port1, IN: IP 192.168.9.101.38444 > 149.XXX.XXX.161.33463: UDP, length 32
10:42:08.210623 Port5, OUT: IP 192.168.9.101.38444 > 149.XXX.XXX.161.33463: UDP, length 32
10:42:08.210674 Port1, IN: IP 192.168.9.101.56991 > 149.XXX.XXX.161.33464: UDP, length 32
10:42:08.210675 Port5, OUT: IP 192.168.9.101.56991 > 149.XXX.XXX.161.33464: UDP, length 32
10:42:08.210748 Port1, IN: IP 192.168.9.101.41362 > 149.XXX.XXX.161.33465: UDP, length 32
10:42:08.210750 Port5, OUT: IP 192.168.9.101.41362 > 149.XXX.XXX.161.33465: UDP, length 32
10:42:08.210880 Port1, IN: IP 192.168.9.101.34242 > 149.XXX.XXX.161.33466: UDP, length 32
10:42:08.210882 Port5, OUT: IP 192.168.9.101.34242 > 149.XXX.XXX.161.33466: UDP, length 32
10:42:08.210942 Port1, IN: IP 192.168.9.101.48515 > 149.XXX.XXX.161.33467: UDP, length 32
10:42:08.210944 Port5, OUT: IP 192.168.9.101.48515 > 149.XXX.XXX.161.33467: UDP, length 32
10:42:08.211020 Port1, IN: IP 192.168.9.101.35072 > 149.XXX.XXX.161.33468: UDP, length 32
10:42:08.211022 Port5, OUT: IP 192.168.9.101.35072 > 149.XXX.XXX.161.33468: UDP, length 32
10:42:13.218711 Port1, IN: IP 192.168.9.101.55279 > 149.XXX.XXX.161.33469: UDP, length 32
10:42:13.218728 Port5, OUT: IP 192.168.9.101.55279 > 149.XXX.XXX.161.33469: UDP, length 32
10:42:13.218810 Port1, IN: IP 192.168.9.101.60091 > 149.XXX.XXX.161.33470: UDP, length 32
10:42:13.218813 Port5, OUT: IP 192.168.9.101.60091 > 149.XXX.XXX.161.33470: UDP, length 32
10:42:13.218981 Port1, IN: IP 192.168.9.101.48793 > 149.XXX.XXX.161.33471: UDP, length 32
10:42:13.218985 Port5, OUT: IP 192.168.9.101.48793 > 149.XXX.XXX.161.33471: UDP, length 32
10:42:13.219075 Port1, IN: IP 192.168.9.101.52596 > 149.XXX.XXX.161.33472: UDP, length 32
10:42:13.219078 Port5, OUT: IP 192.168.9.101.52596 > 149.XXX.XXX.161.33472: UDP, length 32
10:42:13.219161 Port1, IN: IP 192.168.9.101.39810 > 149.XXX.XXX.161.33473: UDP, length 32
10:42:13.219164 Port5, OUT: IP 192.168.9.101.39810 > 149.XXX.XXX.161.33473: UDP, length 32
10:42:13.219248 Port1, IN: IP 192.168.9.101.45806 > 149.XXX.XXX.161.33474: UDP, length 32
10:42:13.219250 Port5, OUT: IP 192.168.9.101.45806 > 149.XXX.XXX.161.33474: UDP, length 32
10:42:13.219335 Port1, IN: IP 192.168.9.101.60833 > 149.XXX.XXX.161.33475: UDP, length 32
10:42:13.219337 Port5, OUT: IP 192.168.9.101.60833 > 149.XXX.XXX.161.33475: UDP, length 32
10:42:13.219421 Port1, IN: IP 192.168.9.101.48647 > 149.XXX.XXX.161.33476: UDP, length 32
10:42:13.219423 Port5, OUT: IP 192.168.9.101.48647 > 149.XXX.XXX.161.33476: UDP, length 32
10:42:13.219507 Port1, IN: IP 192.168.9.101.59365 > 149.XXX.XXX.161.33477: UDP, length 32
10:42:13.219509 Port5, OUT: IP 192.168.9.101.59365 > 149.XXX.XXX.161.33477: UDP, length 32
10:42:13.219597 Port1, IN: IP 192.168.9.101.57581 > 149.XXX.XXX.161.33478: UDP, length 32
10:42:13.219599 Port5, OUT: IP 192.168.9.101.57581 > 149.XXX.XXX.161.33478: UDP, length 32
10:42:13.219682 Port1, IN: IP 192.168.9.101.39317 > 149.XXX.XXX.161.33479: UDP, length 32
10:42:13.219684 Port5, OUT: IP 192.168.9.101.39317 > 149.XXX.XXX.161.33479: UDP, length 32
10:42:13.219841 Port1, IN: IP 192.168.9.101.38384 > 149.XXX.XXX.161.33480: UDP, length 32
10:42:13.219843 Port5, OUT: IP 192.168.9.101.38384 > 149.XXX.XXX.161.33480: UDP, length 32
10:42:13.219934 Port1, IN: IP 192.168.9.101.47043 > 149.XXX.XXX.161.33481: UDP, length 32
10:42:13.219938 Port5, OUT: IP 192.168.9.101.47043 > 149.XXX.XXX.161.33481: UDP, length 32
10:42:13.220008 Port1, IN: IP 192.168.9.101.42603 > 149.XXX.XXX.161.33482: UDP, length 32
10:42:13.220011 Port5, OUT: IP 192.168.9.101.42603 > 149.XXX.XXX.161.33482: UDP, length 32
10:42:13.220105 Port1, IN: IP 192.168.9.101.57669 > 149.XXX.XXX.161.33483: UDP, length 32
10:42:13.220107 Port5, OUT: IP 192.168.9.101.57669 > 149.XXX.XXX.161.33483: UDP, length 32
10:42:13.220211 Port1, IN: IP 192.168.9.101.38408 > 149.XXX.XXX.161.33484: UDP, length 32
10:42:13.220214 Port5, OUT: IP 192.168.9.101.38408 > 149.XXX.XXX.161.33484: UDP, length 32
10:42:18.227826 Port1, IN: IP 192.168.9.101.37219 > 149.XXX.XXX.161.33485: UDP, length 32
10:42:18.227835 Port5, OUT: IP 192.168.9.101.37219 > 149.XXX.XXX.161.33485: UDP, length 32
10:42:18.228035 Port1, IN: IP 192.168.9.101.37667 > 149.XXX.XXX.161.33486: UDP, length 32
10:42:18.228039 Port5, OUT: IP 192.168.9.101.37667 > 149.XXX.XXX.161.33486: UDP, length 32
10:42:18.228120 Port1, IN: IP 192.168.9.101.53731 > 149.XXX.XXX.161.33487: UDP, length 32
10:42:18.228122 Port5, OUT: IP 192.168.9.101.53731 > 149.XXX.XXX.161.33487: UDP, length 32
10:42:18.228200 Port1, IN: IP 192.168.9.101.54445 > 149.XXX.XXX.161.33488: UDP, length 32
10:42:18.228202 Port5, OUT: IP 192.168.9.101.54445 > 149.XXX.XXX.161.33488: UDP, length 32
10:42:18.228284 Port1, IN: IP 192.168.9.101.46327 > 149.XXX.XXX.161.33489: UDP, length 32
10:42:18.228286 Port5, OUT: IP 192.168.9.101.46327 > 149.XXX.XXX.161.33489: UDP, length 32
10:42:18.228370 Port1, IN: IP 192.168.9.101.35232 > 149.XXX.XXX.161.33490: UDP, length 32
10:42:18.228372 Port5, OUT: IP 192.168.9.101.35232 > 149.XXX.XXX.161.33490: UDP, length 32
10:42:18.228461 Port1, IN: IP 192.168.9.101.51435 > 149.XXX.XXX.161.33491: UDP, length 32
10:42:18.228463 Port5, OUT: IP 192.168.9.101.51435 > 149.XXX.XXX.161.33491: UDP, length 32
10:42:18.228553 Port1, IN: IP 192.168.9.101.56143 > 149.XXX.XXX.161.33492: UDP, length 32
10:42:18.228555 Port5, OUT: IP 192.168.9.101.56143 > 149.XXX.XXX.161.33492: UDP, length 32
10:42:18.228642 Port1, IN: IP 192.168.9.101.42027 > 149.XXX.XXX.161.33493: UDP, length 32
10:42:18.228644 Port5, OUT: IP 192.168.9.101.42027 > 149.XXX.XXX.161.33493: UDP, length 32
10:42:18.228730 Port1, IN: IP 192.168.9.101.41672 > 149.XXX.XXX.161.33494: UDP, length 32
10:42:18.228732 Port5, OUT: IP 192.168.9.101.41672 > 149.XXX.XXX.161.33494: UDP, length 32
10:42:18.228864 Port1, IN: IP 192.168.9.101.41187 > 149.XXX.XXX.161.33495: UDP, length 32
10:42:18.228866 Port5, OUT: IP 192.168.9.101.41187 > 149.XXX.XXX.161.33495: UDP, length 32
10:42:18.228969 Port1, IN: IP 192.168.9.101.57131 > 149.XXX.XXX.161.33496: UDP, length 32
10:42:18.228972 Port5, OUT: IP 192.168.9.101.57131 > 149.XXX.XXX.161.33496: UDP, length 32
10:42:18.229059 Port1, IN: IP 192.168.9.101.37856 > 149.XXX.XXX.161.33497: UDP, length 32
10:42:18.229064 Port5, OUT: IP 192.168.9.101.37856 > 149.XXX.XXX.161.33497: UDP, length 32
10:42:18.229135 Port1, IN: IP 192.168.9.101.58538 > 149.XXX.XXX.161.33498: UDP, length 32
10:42:18.229138 Port5, OUT: IP 192.168.9.101.58538 > 149.XXX.XXX.161.33498: UDP, length 32
10:42:18.229223 Port1, IN: IP 192.168.9.101.59557 > 149.XXX.XXX.161.33499: UDP, length 32
10:42:18.229226 Port5, OUT: IP 192.168.9.101.59557 > 149.XXX.XXX.161.33499: UDP, length 32
10:42:18.229315 Port1, IN: IP 192.168.9.101.41190 > 149.XXX.XXX.161.33500: UDP, length 32
10:42:18.229317 Port5, OUT: IP 192.168.9.101.41190 > 149.XXX.XXX.161.33500: UDP, length 32
10:42:23.247426 Port1, IN: IP 192.168.9.101.46453 > 149.XXX.XXX.161.33501: UDP, length 32
10:42:23.247444 Port5, OUT: IP 192.168.9.101.46453 > 149.XXX.XXX.161.33501: UDP, length 32
10:42:23.247592 Port1, IN: IP 192.168.9.101.48684 > 149.XXX.XXX.161.33502: UDP, length 32
10:42:23.247595 Port5, OUT: IP 192.168.9.101.48684 > 149.XXX.XXX.161.33502: UDP, length 32
10:42:23.247706 Port1, IN: IP 192.168.9.101.47543 > 149.XXX.XXX.161.33503: UDP, length 32
10:42:23.247708 Port5, OUT: IP 192.168.9.101.47543 > 149.XXX.XXX.161.33503: UDP, length 32
10:42:23.247819 Port1, IN: IP 192.168.9.101.33839 > 149.XXX.XXX.161.33504: UDP, length 32
10:42:23.247821 Port5, OUT: IP 192.168.9.101.33839 > 149.XXX.XXX.161.33504: UDP, length 32
10:42:23.248051 Port1, IN: IP 192.168.9.101.42411 > 149.XXX.XXX.161.33505: UDP, length 32
10:42:23.248054 Port5, OUT: IP 192.168.9.101.42411 > 149.XXX.XXX.161.33505: UDP, length 32
10:42:23.248143 Port1, IN: IP 192.168.9.101.55515 > 149.XXX.XXX.161.33506: UDP, length 32
10:42:23.248145 Port5, OUT: IP 192.168.9.101.55515 > 149.XXX.XXX.161.33506: UDP, length 32
10:42:23.248192 Port1, IN: IP 192.168.9.101.43478 > 149.XXX.XXX.161.33507: UDP, length 32
10:42:23.248194 Port5, OUT: IP 192.168.9.101.43478 > 149.XXX.XXX.161.33507: UDP, length 32
10:42:23.248282 Port1, IN: IP 192.168.9.101.46492 > 149.XXX.XXX.161.33508: UDP, length 32
10:42:23.248285 Port5, OUT: IP 192.168.9.101.46492 > 149.XXX.XXX.161.33508: UDP, length 32
10:42:23.248364 Port1, IN: IP 192.168.9.101.52690 > 149.XXX.XXX.161.33509: UDP, length 32
10:42:23.248366 Port5, OUT: IP 192.168.9.101.52690 > 149.XXX.XXX.161.33509: UDP, length 32
10:42:23.248447 Port1, IN: IP 192.168.9.101.48187 > 149.XXX.XXX.161.33510: UDP, length 32
10:42:23.248449 Port5, OUT: IP 192.168.9.101.48187 > 149.XXX.XXX.161.33510: UDP, length 32
10:42:23.248531 Port1, IN: IP 192.168.9.101.42327 > 149.XXX.XXX.161.33511: UDP, length 32
10:42:23.248534 Port5, OUT: IP 192.168.9.101.42327 > 149.XXX.XXX.161.33511: UDP, length 32
10:42:23.248624 Port1, IN: IP 192.168.9.101.52804 > 149.XXX.XXX.161.33512: UDP, length 32
10:42:23.248626 Port5, OUT: IP 192.168.9.101.52804 > 149.XXX.XXX.161.33512: UDP, length 32
10:42:23.248709 Port1, IN: IP 192.168.9.101.60052 > 149.XXX.XXX.161.33513: UDP, length 32
10:42:23.248711 Port5, OUT: IP 192.168.9.101.60052 > 149.XXX.XXX.161.33513: UDP, length 32
10:42:23.248809 Port1, IN: IP 192.168.9.101.42080 > 149.XXX.XXX.161.33514: UDP, length 32
10:42:23.248811 Port5, OUT: IP 192.168.9.101.42080 > 149.XXX.XXX.161.33514: UDP, length 32
10:42:23.248945 Port1, IN: IP 192.168.9.101.50414 > 149.XXX.XXX.161.33515: UDP, length 32
10:42:23.248947 Port5, OUT: IP 192.168.9.101.50414 > 149.XXX.XXX.161.33515: UDP, length 32
10:42:23.249044 Port1, IN: IP 192.168.9.101.34149 > 149.XXX.XXX.161.33516: UDP, length 32
10:42:23.249046 Port5, OUT: IP 192.168.9.101.34149 > 149.XXX.XXX.161.33516: UDP, length 32
10:42:28.258267 Port1, IN: IP 192.168.9.101.45854 > 149.XXX.XXX.161.33517: UDP, length 32
10:42:28.258284 Port5, OUT: IP 192.168.9.101.45854 > 149.XXX.XXX.161.33517: UDP, length 32
10:42:28.258479 Port1, IN: IP 192.168.9.101.47220 > 149.XXX.XXX.161.33518: UDP, length 32
10:42:28.258482 Port5, OUT: IP 192.168.9.101.47220 > 149.XXX.XXX.161.33518: UDP, length 32
10:42:28.258637 Port1, IN: IP 192.168.9.101.38828 > 149.XXX.XXX.161.33519: UDP, length 32
10:42:28.258639 Port5, OUT: IP 192.168.9.101.38828 > 149.XXX.XXX.161.33519: UDP, length 32
10:42:28.258804 Port1, IN: IP 192.168.9.101.56996 > 149.XXX.XXX.161.33520: UDP, length 32
10:42:28.258806 Port5, OUT: IP 192.168.9.101.56996 > 149.XXX.XXX.161.33520: UDP, length 32
10:42:28.258939 Port1, IN: IP 192.168.9.101.43709 > 149.XXX.XXX.161.33521: UDP, length 32
10:42:28.258942 Port5, OUT: IP 192.168.9.101.43709 > 149.XXX.XXX.161.33521: UDP, length 32
10:42:28.259006 Port1, IN: IP 192.168.9.101.46612 > 149.XXX.XXX.161.33522: UDP, length 32
10:42:28.259008 Port5, OUT: IP 192.168.9.101.46612 > 149.XXX.XXX.161.33522: UDP, length 32
10:42:28.259079 Port1, IN: IP 192.168.9.101.45060 > 149.XXX.XXX.161.33523: UDP, length 32
10:42:28.259082 Port5, OUT: IP 192.168.9.101.45060 > 149.XXX.XXX.161.33523: UDP, length 32

  • +1 in reply to baris

     

    Yes your observation is correct, packets are going out via Port5 and there is no reply from remote end for SYN forwarded from XG end.

    Based on packets it seems no issue with XG rule or routing as of now.


Reply Children
No Data