Invalid Traffic

Hi Toby al 

Please make sure that the firewall rule for the VPN connection is allowing port 9000 and take tcpdump and drop packet capture on the port number of IP addresses. This specific traffic not able to find the firewall to move forward.

Hi Keyur,

First thank you, for your reply.

I try to add specific ports like port 9000, in-destination service, However still the same issue.

If you notice, there are two times port 9000 is allowed. when other times are denied.

Thank you 

Toby

Hi Keyur,

First thank you, for your reply.

I try to add specific ports like port 9000, in-destination service, However still the same issue.

If you notice, there are two times port 9000 is allowed. when other times are denied.

Thank you 

Toby

Toby, check your DOS protection policy and see if there you get traffic blocked.

Hi 

Thank you for advice.

I created a DOS bypass for a specific IP and all ports, however still the same issue.

Thank you 

Toby 

Hi Toby al 

Could you please try to take tcpdump and drop packet capture?

https://community.sophos.com/kb/en-us/123567

https://community.sophos.com/kb/en-us/127111

Hi Keyur,

I hope you are doing well,

I did that, however, it's not useful as you see in the picture below.

The strange thing is it allows for 2 times and then denied.

Thank you 

Toby

Hi Toby al 

Did you add any static routes in the firewall for the remote network?

Is there any IP added in advanced bypass rule through CLI?

Is there any other DNAT configuration on the same WAN IP?

Could you please delete the same DNAT and try to configure it again and verify?

Hi Toby al 

In this drop packet capture, It shows like the TCP session is not known to XG. Would you please refer Sophos XG: CLI Troubleshooting Tools and read conntrack entries for the traffic?