XG230 - Web radio lost connection - Invalid traffic in the log => Could not associate packet to any connection

Hi,

has your access ever worked?

Do you have do not scan streaming media ticked?

The could not associate a packet means the connection has failed or timed out that means the firewalll blocks/dropa it.

Ian

Hi, i created this rule there are 2 months and was worked but i'm working at home during several weeks and now not working anymore. 

I don't found the option to disabled the streaming scan, can you tell me where i can find it please? 

Hi,

Ian

Option disabled from my side :( thank you for help !

Concerning the dropped packet, is that mean i need a specific firewall rules to solved it? Policy? How can i determine the origine of the problem to solve it? Thank you

"could not associate a packet" means that the remote site send a packet while firewall cannot associate that anymore to an existing connection. It's not something that a rule can fix as far as I know. It's more that XG thinks that the connection is closed and then again gets a packet for the previous connection.

Drop packets are from connections that have ended, a firewall will not fix that and you can ignore them.

you will need to look at your link speed and MTU to see if there is an issue with your wan connection eg intermittently dropping out.

ian

Thank you to you all

First of all, this is likely not an issue at all.

In my last 5 years experience, never was this dropped packet an issue - Mainly because its just a symptom for another issue.

Why does it occur? If you have a open connection (Client to Server) and someone in this connection (Server or Client) closes the connection for what ever reason, the other end will likely "Acknowledge" the closing. Or it will try to "force the connection to reset" etc. There are plenty of cases. Afterall those packets will do following: 

XG gets a "please close the connection" packet. It will forward the packet to the server/client. In the same time, XG will delete the connection, because its not needed anymore. 

Some applications are badly written or have other issues so to speak, so they will send multiple "please close this connection" packets. XG will use the first one to delete the session. Every other packet will be dropped, as XG do not have any open connection for this anymore (Stateful firewall). 

There are some other reasons, why this can also occur: Cleanup sessions for example: You have a session build up to a Server and did your business. After some hours the server "clean up his connection table" and closes all connections left on his table. So he will send to every client a "Please close the connection" packet. XG already deleted the session after 3 hours. So XG does not know the session existed and drops this as well. 

In each case, its not the actual issue at all. Why does the application in your case closes the connection? Could be a network issue but likely its a application issue. 

Most customers, i talk to, i advice to actually disable the logging of invalid traffic, as this causes more harm than good to see those dropped packets. 

Thank you Lucar!