XGS 2100 Loopback NAT

Why do you need a loop back in the first place? Still not sure, whats the actual use case? 

We have cloud servers (RDS) that need to be able to connect to servers in the same network using either the public DNS name or the public IP address.  We currently have Sophos SG firewalls here that have no problem accomplishing this task and every other firewall vendor I have ever used has no issue with loopback/hairpinning. I believe at one point I also had this working on an XG firewall. 

Without loopback working these firewalls will not be a fit for our deployment and we will have to stay with the SGs.  

Change from MASQ to a custom host. Change it to a host, you created with the IP of your br0.20 Interface. Check if it will SNAT the packets. 

Wondering as you should see .VLAN Interfaces in the Packet capture as well. 

Try: ip r g 10.10.0.100 --> It should show br0.20 

Check: console> system route_precedence show
Routing Precedence:
1. Static routes
2. SD-WAN policy routes
3. VPN routes

console> system route_precedence show
Routing Precedence:
1. Static routes
2. SD-WAN policy routes
3. VPN routes

I have no Static routes set

XGS2100_RL01_SFOS 18.5.1 MR-1-Build318# ip r g 10.10.0.100
10.10.0.100 dev br0.20 src 10.10.0.1 uid 0
cache

Okay I Think I read it right.

Created an IP host with ip 10.10.0.254 (on VLAN 20) and changed the Loopback NAT to that host. 

TCPDUMP after change is the same.

12:04:47.005444 br0, OUT: ethertype IPv4, IP 10.10.15.3.63811 > 10.10.0.100.80: Flags [S], seq 2935645804, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:47.254490 Port5, IN: ethertype IPv4, IP 10.10.15.3.53244 > 192.168.112.3.80: Flags [S], seq 2327797076, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:47.254526 br0, OUT: ethertype IPv4, IP 10.10.15.3.53244 > 10.10.0.100.80: Flags [S], seq 2327797076, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:51.018048 Port5, IN: ethertype IPv4, IP 10.10.15.3.63811 > 192.168.112.3.80: Flags [S], seq 2935645804, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:51.018084 Port5, IN: ethertype IPv4, IP 10.10.15.3.64210 > 192.168.112.3.80: Flags [S], seq 1148065473, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:51.018113 br0, OUT: ethertype IPv4, IP 10.10.15.3.63811 > 10.10.0.100.80: Flags [S], seq 2935645804, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:51.018114 br0, OUT: ethertype IPv4, IP 10.10.15.3.64210 > 10.10.0.100.80: Flags [S], seq 1148065473, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:51.254768 Port5, IN: ethertype IPv4, IP 10.10.15.3.53244 > 192.168.112.3.80: Flags [S], seq 2327797076, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:51.254812 br0, OUT: ethertype IPv4, IP 10.10.15.3.53244 > 10.10.0.100.80: Flags [S], seq 2327797076, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:59.024272 Port5, IN: ethertype IPv4, IP 10.10.15.3.63811 > 192.168.112.3.80: Flags [S], seq 2935645804, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:59.024274 Port5, IN: ethertype IPv4, IP 10.10.15.3.64210 > 192.168.112.3.80: Flags [S], seq 1148065473, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:59.024319 br0, OUT: ethertype IPv4, IP 10.10.15.3.63811 > 10.10.0.100.80: Flags [S], seq 2935645804, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:59.024319 br0, OUT: ethertype IPv4, IP 10.10.15.3.64210 > 10.10.0.100.80: Flags [S], seq 1148065473, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:59.257082 Port5, IN: ethertype IPv4, IP 10.10.15.3.53244 > 192.168.112.3.80: Flags [S], seq 2327797076, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
12:04:59.257122 br0, OUT: ethertype IPv4, IP 10.10.15.3.53244 > 10.10.0.100.80: Flags [S], seq 2327797076, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0

Please show your NAT. 

I also Tried this

You should see a NAT ID. If you use a conntrack, does the NAT Rule reflect the same rule ID? 

conntrack -E | grep orig-dport=80

This should show you the conntrack. 

There should be a entry for NAT: fwid=0 natid=0  It should use the same ID you see in the Webadmin. 

That command is returning nothing. In web admin however the usage count is increasing.

I am also not seeing any entries for the attempt in the Log in WebAdmin

This is a live command, so it needs to stay running while you try to access the service. 

Maybe try: conntrack -E | grep 10.10.15.3

And check the license on the appliance. Do you have all subscriptions active? Especially, is the Base License active? 

Yes I have a valid subscriptions active. 

Here is the output to conntrack.  note there is no port 80 form the source but there is a 44450 which is my Management port for WebAdmin And have no Idea where that is coming from as I am not trying to hit that from the device.

XGS2100_RL01_SFOS 18.5.1 MR-1-Build318# conntrack -E | grep 10.10.15.3[J
[DESTROY] proto=tcp proto-no=6 orig-src=10.10.15.3 orig-dst=192.168.112.3 orig-sport=60914 orig-dport=44450 packets=5 bytes=260 [UNREPLIED] reply-src=192.168.112.3 reply-dst=192.168.112.2 reply-sport=44450 reply-dport=60914 packets=0 bytes=0 mark=0x8001 id=2208533312 masterid=0 devin=br0.20 devout=Port2 nseid=83886749 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50004800000 flagvalues=3,5,21,37,41,43,55,87,90,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628614894 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=1 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=220 current_state[1]=0 vlan_id=0 inmark=0x0 brinindex=0 sessionid=494 sessionidrev=26818 session_update_rev=7 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=65535 nhop_id[1]=5 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[DESTROY] proto=udp proto-no=17 orig-src=10.10.15.3 orig-dst=10.10.0.1 orig-sport=50153 orig-dport=53 packets=1 bytes=67 reply-src=10.10.0.1 reply-dst=10.10.15.3 reply-sport=53 reply-dport=50153 packets=1 bytes=195 id=2178904448 masterid=0 devin=br0.20 devout= nseid=0 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=0 fwid=0 natid=0 fw_action=0 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0 sigoffload=0 inzone=1 outzone=4 devinindex=34 devoutindex=0 hb_src=0 hb_dst=0 flags0=0x2000200008 flags1=0x400000000 flagvalues=3,21,37,98 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615003 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=34 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=0 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=444 sessionidrev=36616 session_update_rev=0 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 conn_fp_id=NOT_OFFLOADED
[DESTROY] proto=udp proto-no=17 orig-src=10.10.15.3 orig-dst=10.10.0.1 orig-sport=52065 orig-dport=53 packets=1 bytes=69 reply-src=10.10.0.1 reply-dst=10.10.15.3 reply-sport=53 reply-dport=52065 packets=1 bytes=199 id=2178901568 masterid=0 devin=br0.20 devout= nseid=0 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=0 fwid=0 natid=0 fw_action=0 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0 sigoffload=0 inzone=1 outzone=4 devinindex=34 devoutindex=0 hb_src=0 hb_dst=0 flags0=0x2000200008 flags1=0x400000000 flagvalues=3,21,37,98 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615002 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=34 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=0 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=435 sessionidrev=36618 session_update_rev=0 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 conn_fp_id=NOT_OFFLOADED
[NEW] proto=tcp proto-no=6 timeout=120 state=SYN_SENT orig-src=10.10.15.3 orig-dst=192.168.112.3 orig-sport=56189 orig-dport=44450 [UNREPLIED] reply-src=192.168.112.3 reply-dst=192.168.112.2 reply-sport=44450 reply-dport=56189 mark=0x8001 id=2505482880 masterid=0 devin=br0.20 devout=Port2 nseid=16777889 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615038 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=1 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=0 vlan_id=0 inmark=0x0 brinindex=0 sessionid=309 sessionidrev=45690 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=65535 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[NEW] proto=udp proto-no=17 timeout=30 orig-src=10.10.15.3 orig-dst=10.10.0.1 orig-sport=61024 orig-dport=53 [UNREPLIED] reply-src=10.10.0.1 reply-dst=10.10.15.3 reply-sport=53 reply-dport=61024 helper=dns id=2505483840 masterid=0 devin=br0.20 devout= nseid=0 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=0 fwid=0 natid=0 fw_action=0 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0 sigoffload=0 inzone=1 outzone=4 devinindex=34 devoutindex=0 hb_src=0 hb_dst=0 flags0=0x2000200008 flags1=0x400000000 flagvalues=3,21,37,98 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=34 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=0 cluster_node=0 current_state[0]=221 current_state[1]=0 vlan_id=0 inmark=0x0 brinindex=0 sessionid=307 sessionidrev=45690 session_update_rev=0 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=udp proto-no=17 timeout=30 orig-src=10.10.15.3 orig-dst=10.10.0.1 orig-sport=61024 orig-dport=53 reply-src=10.10.0.1 reply-dst=10.10.15.3 reply-sport=53 reply-dport=61024 helper=dns id=2505483840 masterid=0 devin=br0.20 devout= nseid=0 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=0 fwid=0 natid=0 fw_action=0 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0 sigoffload=0 inzone=1 outzone=4 devinindex=34 devoutindex=0 hb_src=0 hb_dst=0 flags0=0x2000200008 flags1=0x400000000 flagvalues=3,21,37,98 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=34 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=0 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=307 sessionidrev=45690 session_update_rev=0 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 conn_fp_id=NOT_OFFLOADED
[NEW] proto=tcp proto-no=6 timeout=120 state=SYN_SENT orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 [UNREPLIED] reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=0 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=65535 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=60 state=SYN_RECV orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflowid[1]=130180 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=10800 state=ESTABLISHED orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 [ASSURED] mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflowid[1]=130180 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=120 state=FIN_WAIT orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 [ASSURED] mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0xd sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflowid[1]=130180 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=8 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[NEW] proto=tcp proto-no=6 timeout=120 state=SYN_SENT orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 [UNREPLIED] reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=0 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=65535 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=120 state=LAST_ACK orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 [ASSURED] mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0xd sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflowid[1]=130180 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=8 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=10 state=TIME_WAIT orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 [ASSURED] mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x1d sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflowid[1]=130180 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=9 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=60 state=SYN_RECV orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflowid[1]=130323 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=10800 state=ESTABLISHED orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 [ASSURED] mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflowid[1]=130323 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=120 state=FIN_WAIT orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 [ASSURED] mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x1d sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflowid[1]=130323 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=9 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=120 state=LAST_ACK orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 [ASSURED] mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x3f sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50106800000 flagvalues=3,5,21,37,41,43,55,87,89,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflowid[1]=130323 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=2 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=11 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=10 state=CLOSE orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 [ASSURED] mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x3f sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50106800000 flagvalues=3,5,21,37,41,43,55,87,89,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflowid[1]=130323 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=2 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=11 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=120 state=FIN_WAIT orig-src=10.10.15.3 orig-dst=52.202.168.65 orig-sport=49170 orig-dport=443 reply-src=52.202.168.65 reply-dst=192.168.112.2 reply-sport=443 reply-dport=49170 [ASSURED] mark=0x8001 id=2208531072 masterid=0 devin=br0.20 devout=Port2 nseid=16777945 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x2d sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615002 microflow[0]=INVALID microflowid[1]=130582 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=2 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=409 sessionidrev=37329 session_update_rev=9 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=10 state=CLOSE_WAIT orig-src=10.10.15.3 orig-dst=52.202.168.65 orig-sport=49170 orig-dport=443 reply-src=52.202.168.65 reply-dst=192.168.112.2 reply-sport=443 reply-dport=49170 [ASSURED] mark=0x8001 id=2208531072 masterid=0 devin=br0.20 devout=Port2 nseid=16777945 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x2d sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615002 microflow[0]=INVALID microflowid[1]=130582 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=2 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=409 sessionidrev=37329 session_update_rev=9 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=120 state=FIN_WAIT orig-src=10.10.15.3 orig-dst=3.232.242.170 orig-sport=49171 orig-dport=443 reply-src=3.232.242.170 reply-dst=192.168.112.2 reply-sport=443 reply-dport=49171 [ASSURED] mark=0x8001 id=3119434560 masterid=0 devin=br0.20 devout=Port2 nseid=16777900 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x3f sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50106800000 flagvalues=3,5,21,37,41,43,55,87,89,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615003 microflow[0]=INVALID microflowid[1]=130458 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=2 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=3 sess_verdict=2 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2344 sessionidrev=17866 session_update_rev=11 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[UPDATE] proto=tcp proto-no=6 timeout=10 state=CLOSE_WAIT orig-src=10.10.15.3 orig-dst=3.232.242.170 orig-sport=49171 orig-dport=443 reply-src=3.232.242.170 reply-dst=192.168.112.2 reply-sport=443 reply-dport=49171 [ASSURED] mark=0x8001 id=3119434560 masterid=0 devin=br0.20 devout=Port2 nseid=16777900 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x3f sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50106800000 flagvalues=3,5,21,37,41,43,55,87,89,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615003 microflow[0]=INVALID microflowid[1]=130458 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=2 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=3 sess_verdict=2 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2344 sessionidrev=17866 session_update_rev=11 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[DESTROY] proto=tcp proto-no=6 orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 packets=11 bytes=1702 reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 packets=10 bytes=3095 [ASSURED] mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x3f sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50106800000 flagvalues=3,5,21,37,41,43,55,87,89,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflowid[1]=130323 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=2 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=11 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[DESTROY] proto=tcp proto-no=6 orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 packets=10 bytes=1768 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 packets=9 bytes=3705 [ASSURED] mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x1d sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflowid[1]=130180 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=9 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
[DESTROY] proto=tcp proto-no=6 orig-src=10.10.15.3 orig-dst=192.168.112.3 orig-sport=49192 orig-dport=44450 packets=5 bytes=260 [UNREPLIED] reply-src=192.168.112.3 reply-dst=192.168.112.2 reply-sport=44450 reply-dport=49192 packets=0 bytes=0 mark=0x8001 id=3119433600 masterid=0 devin=br0.20 devout=Port2 nseid=83886767 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50004800000 flagvalues=3,5,21,37,41,43,55,87,90,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628614935 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=220 current_state[1]=0 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2341 sessionidrev=17870 session_update_rev=7 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=65535 nhop_id[1]=5 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
^Cconntrack v1.4.5 (conntrack-tools): 204 flow events have been shown.

Odd enough, that you are not seeing any connection, i have a feeling about this: The firewall rule, you are using: Is it the same firewall rule, you are using from external to internal (DNAT) and do you have anything other selected there? For example web filtering or scanning of web etc? 

Odd enough, that you are not seeing any connection, i have a feeling about this: The firewall rule, you are using: Is it the same firewall rule, you are using from external to internal (DNAT) and do you have anything other selected there? For example web filtering or scanning of web etc? 

Yes the Firewall rule is is the Same for the External to internal DNAT (seen above).  There are no services enabled only logging turned on

And this rule, beside of the actual small counter, works from external. Because i would expect more data to flow, if you are talking about HTTP. 

I am oddly confused, that the connection is not loaded in the conntrack. That should be there. You should see the connection in Conntrack. But you see the connection in the logviewer, correct? The NAT and Firewall rule is fine there? You should see it via mouse over.

To summarize: Without SNAT i cannot work. There has to be a SNAT, otherwise it wont work. But the SNAT, however does not hit, no matter what you configure. 

The counter is not increasing on the rule but is on the NAT rule. No I am not seeing the traffic in the logviewer.  I'm just as confused as from this machine I can hit the Management using the WAN IP Address of .2 and it comes up like I am on the inside network which I am.

I have the strong feeling there is something odd going on in your setup. You should contact support to get this more analyzed. I think, there is something going on, which is oddly enough.

Do you have multiple HA Clusters in your setup? 

I already have a ticket open with support for this issue. This is the only HA cluster we have other than the SG cluster that is being replaced by these ones. Originally I was having issues with traffic between VLANs but that was corrected by MR1. I won't be able to put these into production until I can get this fixed.

I appreciate and thank you for the time you have taken to try to assist.

Go to the HA Cluster Config and change the Cluster ID. 

Done but made no difference

You could try to figure out, why conntrack is not showing anything. Because even conntrack -L should show some connections. At least the connection build up. 

Hi Robert Reid,

Could you please provide the support ticket number by sending a personal message? I will follow up with it internally and provide you an update.

Thanks,

Hi,

I am having a similar issues conntrack not showing connections through the hairpin NAT. Does conntrack only show traffic that passes LAN to WAN or WAN to LAN but not LAN to LAN?

ian