
XGS 2100 Loopback NAT

We are looking to deploy an HA pair of XGS2100 firewalls to our data centre. My issue is I cannot get a loopback NAT to work when I am starting the conversation from the same zone as the destination server is in. If the loopback is to a different zone all is good.

I have googled this for hours and spent hours on the phone with support to no avail. I do have a support ticket open already, but I am hoping someone might have some additional insight into this.

The firewalls currently have 18.5 MR1 installed.



  • Why do you need a loopback in the first place? Still not sure, what's the actual use case?

  • We have cloud servers (RDS) that need to be able to connect to servers in the same network using either the public DNS name or the public IP address. We currently have Sophos SG firewalls here that have no problem accomplishing this task, and every other firewall vendor I have ever used has no issue with loopback/hairpinning. I believe at one point I also had this working on an XG firewall.

    Without loopback working these firewalls will not be a fit for our deployment and we will have to stay with the SGs.

  • That command is returning nothing. In web admin however the usage count is increasing.

    I am also not seeing any entries for the attempt in the log in WebAdmin.

  • This is a live command, so it needs to stay running while you try to access the service. 

    Maybe try: conntrack -E | grep 10.10.15.3

  • And check the license on the appliance. Do you have all subscriptions active? Especially, is the Base License active? 

  • Yes, I have valid subscriptions active.

    Here is the output from conntrack. Note there is no port 80 from the source, but there is a 44450, which is my management port for WebAdmin, and I have no idea where that is coming from as I am not trying to hit that from the device.

    XGS2100_RL01_SFOS 18.5.1 MR-1-Build318# conntrack -E | grep 10.10.15.3
    [DESTROY] proto=tcp proto-no=6 orig-src=10.10.15.3 orig-dst=192.168.112.3 orig-sport=60914 orig-dport=44450 packets=5 bytes=260 [UNREPLIED] reply-src=192.168.112.3 reply-dst=192.168.112.2 reply-sport=44450 reply-dport=60914 packets=0 bytes=0 mark=0x8001 id=2208533312 masterid=0 devin=br0.20 devout=Port2 nseid=83886749 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50004800000 flagvalues=3,5,21,37,41,43,55,87,90,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628614894 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=1 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=220 current_state[1]=0 vlan_id=0 inmark=0x0 brinindex=0 sessionid=494 sessionidrev=26818 session_update_rev=7 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=65535 nhop_id[1]=5 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [DESTROY] proto=udp proto-no=17 orig-src=10.10.15.3 orig-dst=10.10.0.1 orig-sport=50153 orig-dport=53 packets=1 bytes=67 reply-src=10.10.0.1 reply-dst=10.10.15.3 reply-sport=53 reply-dport=50153 packets=1 bytes=195 id=2178904448 masterid=0 devin=br0.20 devout= nseid=0 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=0 fwid=0 natid=0 fw_action=0 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0 sigoffload=0 inzone=1 outzone=4 devinindex=34 devoutindex=0 hb_src=0 hb_dst=0 flags0=0x2000200008 flags1=0x400000000 flagvalues=3,21,37,98 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615003 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=34 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=0 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=444 sessionidrev=36616 session_update_rev=0 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 conn_fp_id=NOT_OFFLOADED
    [DESTROY] proto=udp proto-no=17 orig-src=10.10.15.3 orig-dst=10.10.0.1 orig-sport=52065 orig-dport=53 packets=1 bytes=69 reply-src=10.10.0.1 reply-dst=10.10.15.3 reply-sport=53 reply-dport=52065 packets=1 bytes=199 id=2178901568 masterid=0 devin=br0.20 devout= nseid=0 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=0 fwid=0 natid=0 fw_action=0 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0 sigoffload=0 inzone=1 outzone=4 devinindex=34 devoutindex=0 hb_src=0 hb_dst=0 flags0=0x2000200008 flags1=0x400000000 flagvalues=3,21,37,98 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615002 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=34 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=0 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=435 sessionidrev=36618 session_update_rev=0 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 conn_fp_id=NOT_OFFLOADED
    [NEW] proto=tcp proto-no=6 timeout=120 state=SYN_SENT orig-src=10.10.15.3 orig-dst=192.168.112.3 orig-sport=56189 orig-dport=44450 [UNREPLIED] reply-src=192.168.112.3 reply-dst=192.168.112.2 reply-sport=44450 reply-dport=56189 mark=0x8001 id=2505482880 masterid=0 devin=br0.20 devout=Port2 nseid=16777889 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615038 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=1 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=0 vlan_id=0 inmark=0x0 brinindex=0 sessionid=309 sessionidrev=45690 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=65535 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [NEW] proto=udp proto-no=17 timeout=30 orig-src=10.10.15.3 orig-dst=10.10.0.1 orig-sport=61024 orig-dport=53 [UNREPLIED] reply-src=10.10.0.1 reply-dst=10.10.15.3 reply-sport=53 reply-dport=61024 helper=dns id=2505483840 masterid=0 devin=br0.20 devout= nseid=0 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=0 fwid=0 natid=0 fw_action=0 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0 sigoffload=0 inzone=1 outzone=4 devinindex=34 devoutindex=0 hb_src=0 hb_dst=0 flags0=0x2000200008 flags1=0x400000000 flagvalues=3,21,37,98 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=34 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=0 cluster_node=0 current_state[0]=221 current_state[1]=0 vlan_id=0 inmark=0x0 brinindex=0 sessionid=307 sessionidrev=45690 session_update_rev=0 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=udp proto-no=17 timeout=30 orig-src=10.10.15.3 orig-dst=10.10.0.1 orig-sport=61024 orig-dport=53 reply-src=10.10.0.1 reply-dst=10.10.15.3 reply-sport=53 reply-dport=61024 helper=dns id=2505483840 masterid=0 devin=br0.20 devout= nseid=0 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=0 fwid=0 natid=0 fw_action=0 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0 sigoffload=0 inzone=1 outzone=4 devinindex=34 devoutindex=0 hb_src=0 hb_dst=0 flags0=0x2000200008 flags1=0x400000000 flagvalues=3,21,37,98 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=34 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=0 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=307 sessionidrev=45690 session_update_rev=0 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 conn_fp_id=NOT_OFFLOADED
    [NEW] proto=tcp proto-no=6 timeout=120 state=SYN_SENT orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 [UNREPLIED] reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=0 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=65535 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=60 state=SYN_RECV orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflowid[1]=130180 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=10800 state=ESTABLISHED orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 [ASSURED] mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflowid[1]=130180 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=120 state=FIN_WAIT orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 [ASSURED] mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0xd sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflowid[1]=130180 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=8 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [NEW] proto=tcp proto-no=6 timeout=120 state=SYN_SENT orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 [UNREPLIED] reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=0 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=65535 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=120 state=LAST_ACK orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 [ASSURED] mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0xd sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflowid[1]=130180 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=8 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=10 state=TIME_WAIT orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 [ASSURED] mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x1d sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflowid[1]=130180 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=9 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=60 state=SYN_RECV orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflowid[1]=130323 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=10800 state=ESTABLISHED orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 [ASSURED] mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50000800000 flagvalues=3,5,21,37,41,43,55,87,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflowid[1]=130323 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=2 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=120 state=FIN_WAIT orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 [ASSURED] mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x1d sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflowid[1]=130323 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=9 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=120 state=LAST_ACK orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 [ASSURED] mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x3f sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50106800000 flagvalues=3,5,21,37,41,43,55,87,89,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflowid[1]=130323 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=2 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=11 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=10 state=CLOSE orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 [ASSURED] mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x3f sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50106800000 flagvalues=3,5,21,37,41,43,55,87,89,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflowid[1]=130323 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=2 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=11 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=120 state=FIN_WAIT orig-src=10.10.15.3 orig-dst=52.202.168.65 orig-sport=49170 orig-dport=443 reply-src=52.202.168.65 reply-dst=192.168.112.2 reply-sport=443 reply-dport=49170 [ASSURED] mark=0x8001 id=2208531072 masterid=0 devin=br0.20 devout=Port2 nseid=16777945 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x2d sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615002 microflow[0]=INVALID microflowid[1]=130582 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=2 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=409 sessionidrev=37329 session_update_rev=9 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=10 state=CLOSE_WAIT orig-src=10.10.15.3 orig-dst=52.202.168.65 orig-sport=49170 orig-dport=443 reply-src=52.202.168.65 reply-dst=192.168.112.2 reply-sport=443 reply-dport=49170 [ASSURED] mark=0x8001 id=2208531072 masterid=0 devin=br0.20 devout=Port2 nseid=16777945 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x2d sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615002 microflow[0]=INVALID microflowid[1]=130582 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=2 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=409 sessionidrev=37329 session_update_rev=9 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=120 state=FIN_WAIT orig-src=10.10.15.3 orig-dst=3.232.242.170 orig-sport=49171 orig-dport=443 reply-src=3.232.242.170 reply-dst=192.168.112.2 reply-sport=443 reply-dport=49171 [ASSURED] mark=0x8001 id=3119434560 masterid=0 devin=br0.20 devout=Port2 nseid=16777900 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x3f sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50106800000 flagvalues=3,5,21,37,41,43,55,87,89,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615003 microflow[0]=INVALID microflowid[1]=130458 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=2 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=3 sess_verdict=2 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2344 sessionidrev=17866 session_update_rev=11 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [UPDATE] proto=tcp proto-no=6 timeout=10 state=CLOSE_WAIT orig-src=10.10.15.3 orig-dst=3.232.242.170 orig-sport=49171 orig-dport=443 reply-src=3.232.242.170 reply-dst=192.168.112.2 reply-sport=443 reply-dport=49171 [ASSURED] mark=0x8001 id=3119434560 masterid=0 devin=br0.20 devout=Port2 nseid=16777900 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x3f sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50106800000 flagvalues=3,5,21,37,41,43,55,87,89,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615003 microflow[0]=INVALID microflowid[1]=130458 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=2 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=3 sess_verdict=2 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2344 sessionidrev=17866 session_update_rev=11 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [DESTROY] proto=tcp proto-no=6 orig-src=10.10.15.3 orig-dst=192.211.124.69 orig-sport=58451 orig-dport=443 packets=11 bytes=1702 reply-src=192.211.124.69 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58451 packets=10 bytes=3095 [ASSURED] mark=0x8001 id=3119435200 masterid=0 devin=br0.20 devout=Port2 nseid=16777947 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x3f sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50106800000 flagvalues=3,5,21,37,41,43,55,87,89,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615053 microflow[0]=INVALID microflowid[1]=130323 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=2 sess_verdict=2 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2340 sessionidrev=17878 session_update_rev=11 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [DESTROY] proto=tcp proto-no=6 orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 packets=10 bytes=1768 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 packets=9 bytes=3705 [ASSURED] mark=0x8001 id=2208532672 masterid=0 devin=br0.20 devout=Port2 nseid=16777907 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=100 appcatid=5 hbappid=0 hbappcatid=0 dpioffload=0x1d sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50104800000 flagvalues=3,5,21,37,41,43,55,87,90,96,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628615052 microflow[0]=INVALID microflowid[1]=130180 microflowrev[1]=0 hostrev[0]=0 hostrev[1]=1 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=221 current_state[1]=221 vlan_id=0 inmark=0x0 brinindex=0 sessionid=410 sessionidrev=37339 session_update_rev=9 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=6 nhop_id[1]=65535 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    [DESTROY] proto=tcp proto-no=6 orig-src=10.10.15.3 orig-dst=192.168.112.3 orig-sport=49192 orig-dport=44450 packets=5 bytes=260 [UNREPLIED] reply-src=192.168.112.3 reply-dst=192.168.112.2 reply-sport=44450 reply-dport=49192 packets=0 bytes=0 mark=0x8001 id=3119433600 masterid=0 devin=br0.20 devout=Port2 nseid=83886767 ips=0 sslvpnid=0 webfltid=0 appfltid=0 icapid=0 policytype=1 fwid=5 natid=3 fw_action=1 bwid=0 appid=0 appcatid=0 hbappid=0 hbappcatid=0 dpioffload=0x1 sigoffload=0 inzone=1 outzone=2 devinindex=34 devoutindex=11 hb_src=0 hb_dst=1 flags0=0x800a2000200028 flags1=0x50004800000 flagvalues=3,5,21,37,41,43,55,87,90,104,106 catid=0 user=0 luserid=0 usergp=0 hotspotuserid=0 hotspotid=0 dst_mac=c8:4f:86:fc:00:05 src_mac=00:23:24:e6:f7:9e startstamp=1628614935 microflow[0]=INVALID microflow[1]=INVALID hostrev[0]=0 hostrev[1]=0 ipspid=0 diffserv=0 loindex=11 tlsruleid=0 ips_nfqueue=0 sess_verdict=0 gwoff=1 cluster_node=0 current_state[0]=220 current_state[1]=0 vlan_id=0 inmark=0x0 brinindex=0 sessionid=2341 sessionidrev=17870 session_update_rev=7 dnat_done=0 upclass=0:0 dnclass=0:0 pbrid_dir0=0 pbrid_dir1=0 nhop_id[0]=65535 nhop_id[1]=5 nhop_rev[0]=0 nhop_rev[1]=0 conn_fp_id=NOT_OFFLOADED
    ^Cconntrack v1.4.5 (conntrack-tools): 204 flow events have been shown.

  • Odd enough that you are not seeing any connection. I have a feeling about this: the firewall rule you are using, is it the same firewall rule you are using from external to internal (DNAT), and do you have anything else selected there? For example web filtering or scanning of web, etc.?

  • Yes, the firewall rule is the same as for the external to internal DNAT (seen above). There are no services enabled, only logging turned on.

  • And this rule, besides the actual small counter, works from external. Because I would expect more data to flow if you are talking about HTTP.

    I am oddly confused that the connection is not loaded in the conntrack. That should be there. You should see the connection in conntrack. But you see the connection in the log viewer, correct? The NAT and firewall rule are fine there? You should see it via mouse-over.

    To summarize: without SNAT it cannot work. There has to be a SNAT, otherwise it won't work. But the SNAT, however, does not hit, no matter what you configure.
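    The two points made in this thread, that a hairpin (loopback) NAT only works when the flow is both DNATed and SNATed, and that `conntrack -E` is the place to see whether that happened, can be checked mechanically from the event lines. The script below is an added example written for this page; it is not from the thread or from Sophos. It parses `conntrack -E` output into its key=value fields, keeps the flows aimed at the public address under test, and reports whether DNAT (orig-dst differs from reply-src) and SNAT (orig-src differs from reply-dst) were applied and whether the other side ever answered. The sample input is constructed: the first two event lines are abridged copies of the output posted above, while the last two are hypothetical flows showing a hairpin without and with SNAT (the server 10.10.15.10 and firewall LAN address 10.10.15.1 are assumptions).

```python
import re
from dataclasses import dataclass

# Constructed sample input. Lines 2-3 are abridged from the thread's conntrack -E
# output (only the fields this check needs are kept). Lines 4-5 are hypothetical:
# 10.10.15.10 (internal server) and 10.10.15.1 (firewall LAN address) are assumed.
SAMPLE_EVENTS = """\
XGS2100_RL01_SFOS 18.5.1 MR-1-Build318# conntrack -E | grep 10.10.15.3
[NEW] proto=tcp proto-no=6 timeout=120 state=SYN_SENT orig-src=10.10.15.3 orig-dst=192.168.112.3 orig-sport=56189 orig-dport=44450 [UNREPLIED] reply-src=192.168.112.3 reply-dst=192.168.112.2 reply-sport=44450 reply-dport=56189 mark=0x8001 devin=br0.20 devout=Port2 natid=3 inzone=1 outzone=2 microflow[0]=INVALID
[UPDATE] proto=tcp proto-no=6 timeout=10800 state=ESTABLISHED orig-src=10.10.15.3 orig-dst=38.91.40.26 orig-sport=58450 orig-dport=443 reply-src=38.91.40.26 reply-dst=192.168.112.2 reply-sport=443 reply-dport=58450 [ASSURED] mark=0x8001 devin=br0.20 devout=Port2 natid=3
[NEW] proto=tcp proto-no=6 timeout=120 state=SYN_SENT orig-src=10.10.15.3 orig-dst=192.168.112.3 orig-sport=50001 orig-dport=80 [UNREPLIED] reply-src=10.10.15.10 reply-dst=10.10.15.3 reply-sport=80 reply-dport=50001 devin=br0.20 devout=br0.20
[UPDATE] proto=tcp proto-no=6 timeout=10800 state=ESTABLISHED orig-src=10.10.15.3 orig-dst=192.168.112.3 orig-sport=50002 orig-dport=80 reply-src=10.10.15.10 reply-dst=10.10.15.1 reply-sport=80 reply-dport=50002 [ASSURED] devin=br0.20 devout=br0.20
conntrack v1.4.5 (conntrack-tools): 4 flow events have been shown.
"""

# A bracketed token standing on its own is an event type or a state flag,
# e.g. [NEW], [UNREPLIED], [ASSURED]. Tokens like microflow[0]=INVALID are not.
FLAG_RE = re.compile(r"\[([A-Z_]+)\]")


@dataclass
class Event:
    kind: str        # NEW, UPDATE or DESTROY
    fields: dict     # key=value tokens, e.g. fields["orig-dst"]
    flags: set       # bare bracketed flags, e.g. {"UNREPLIED"}


def parse_event(line):
    """Parse one conntrack -E line; return None for prompts, summaries and blanks."""
    tokens = line.split()
    if not tokens or not FLAG_RE.fullmatch(tokens[0]):
        return None
    fields, flags = {}, set()
    for tok in tokens[1:]:
        m = FLAG_RE.fullmatch(tok)
        if m:
            flags.add(m.group(1))
        elif "=" in tok:
            key, _, value = tok.partition("=")
            fields[key] = value
    return Event(tokens[0].strip("[]"), fields, flags)


def classify(ev, public_ip):
    """Report how NAT was applied to a flow aimed at public_ip, or None if unrelated."""
    f = ev.fields
    if f.get("orig-dst") != public_ip:
        return None
    # DNAT rewrote the destination if the reply comes from a different address.
    dnat = f["orig-dst"] != f["reply-src"]
    # SNAT rewrote the source if the reply is addressed somewhere other than the client.
    snat = f["orig-src"] != f["reply-dst"]
    replied = "UNREPLIED" not in ev.flags
    if not dnat:
        verdict = "no DNAT: the public address answered itself or no NAT rule matched"
    elif not snat:
        verdict = ("DNAT without SNAT: the server replies straight to the client on the "
                   "same network, bypassing the firewall, so the hairpin fails")
    elif not replied:
        verdict = "DNAT+SNAT applied, no reply seen yet"
    else:
        verdict = "DNAT+SNAT applied, reply seen"
    return {
        "kind": ev.kind,
        "flow": f"{f['orig-src']}:{f['orig-sport']} -> {f['orig-dst']}:{f['orig-dport']}",
        "dnat": dnat, "snat": snat, "replied": replied, "verdict": verdict,
    }


def audit(text, public_ip):
    """Classify every event in a conntrack -E capture that targets public_ip."""
    results = []
    for line in text.splitlines():
        ev = parse_event(line)
        if ev is None:
            continue
        res = classify(ev, public_ip)
        if res is not None:
            results.append(res)
    return results


if __name__ == "__main__":
    for r in audit(SAMPLE_EVENTS, "192.168.112.3"):
        print(f"[{r['kind']}] {r['flow']}: {r['verdict']}")
```

    Run it against a real capture with `audit(open("events.txt").read(), "<public ip>")`. A flow that shows DNAT but no SNAT is the signature of a half-configured hairpin: the server's SYN-ACK goes directly back to the client with the server's private address as source, the client never sees a reply from the public address it connected to, and the conntrack entry stays [UNREPLIED] and is eventually destroyed with zero reply packets, exactly like the 44450 entries in the output above.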

  • The counter is not increasing on the rule but is on the NAT rule. No, I am not seeing the traffic in the log viewer. I'm just as confused, as from this machine I can hit the management using the WAN IP address of .2 and it comes up like I am on the inside network, which I am.

  • I have the strong feeling there is something odd going on in your setup. You should contact support to get this analyzed further. I think there is something going on which is odd enough.

    Do you have multiple HA Clusters in your setup? 

  • I already have a ticket open with support for this issue. This is the only HA cluster we have other than the SG cluster that is being replaced by these ones. Originally I was having issues with traffic between VLANs but that was corrected by MR1. I won't be able to put these into production until I can get this fixed.

    I appreciate and thank you for the time you have taken to try to assist.
