I do not know if this happens to others, but every time I edit a firewall policy that applies to a user, the authentication client disconnects.
Noel Zamora
We deployed over 50 client authentication agents at our remote RED sites last week. Every time we make a change to a policy, the client has to right-click on the auth agent and set credentials to get them back on.
Is this by design? Has anybody found a workaround for this? This is quite the hassle!
So it looks like everyone is having this problem?
Hi All,
I checked the logs on a similar case, as the same instance was not faced when I reproduced it in Labs. When a user authenticates through Sophos Authentication Agent, UTM will communicate through a ping-pong packet for user status. The disconnection is pushed if the ping packet is not responded to by the end system.
When I reproduced it and took a look at TCPDUMPS, UTM sends a ping packet from 1.2.3.4 on port 9922. Alongside, the agent sends a pong reply on port 50332.
20:11:43.136584 Port1, IN: In 16:cb:fe:f6:d0:26 ethertype IPv4 (0x0800), length 62: 192.168.16.2.50332 > 1.2.3.4.9922: Flags [.], ack 1, win 256, length 0
20:11:43.160135 Port1, IN: In 16:cb:fe:f6:d0:26 ethertype IPv4 (0x0800), length 165: 192.168.16.2.50332 > 1.2.3.4.9922: Flags [P.], ack 1, win 256, length 109
20:11:43.160203 Port1, OUT: Out 00:1a:8c:42:27:00 ethertype IPv4 (0x0800), length 56: 1.2.3.4.9922 > 192.168.16.2.50332: Flags [.], ack 110, win 229, length 0
20:11:43.160744 Port1, OUT: Out 00:1a:8c:42:27:00 ethertype IPv4 (0x0800), length 1394: 1.2.3.4.9922 > 192.168.16.2.50332: Flags [P.], ack 110, win 229, length 1338
20:11:43.162135 Port1, IN: In 16:cb:fe:f6:d0:26 ethertype IPv4 (0x0800), length 382: 192.168.16.2.50332 > 1.2.3.4.9922: Flags [P.], ack 1339, win 251, length 326
If you have an endpoint antivirus or anything intermediate, I think bypassing IP address 1.2.3.4 and ports (9922, 50332, 50333) will resolve the issue.
Please update me if anyone executes this exercise.
Thanks
Sachin,
I am using Sophos for Mac and this is the output from tcpdump from my Mac:
192.168.0.7.55349 > 1.2.3.4.9922: Flags [F.], cksum 0x4201 (correct), seq 293920138, ack 1919232177, win 8192, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [S], cksum 0xe06e (correct), seq 2042191961, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 342598518 ecr 0,sackOK,eol], length 0
1.2.3.4.9922 > 192.168.0.7.55586: Flags [S.], cksum 0xb278 (correct), seq 120890518, ack 2042191962, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [.], cksum 0x455b (correct), seq 1, ack 1, win 8192, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [P.], cksum 0x0a6d (correct), seq 1:207, ack 1, win 8192, length 206
...1.2.3.4.
1.2.3.4.9922 > 192.168.0.7.55586: Flags [.], cksum 0x63a0 (correct), seq 1, ack 207, win 237, length 0
1.2.3.4.9922 > 192.168.0.7.55349: Flags [.], cksum 0x610c (correct), seq 1, ack 1, win 245, length 0
192.168.0.7.55349 > 1.2.3.4.9922: Flags [.], cksum 0x4201 (correct), seq 1, ack 1, win 8192, length 0
1.2.3.4.9922 > 192.168.0.7.55349: Flags [P.], cksum 0x08fb (correct), seq 1:38, ack 1, win 245, length 37
1.2.3.4.9922 > 192.168.0.7.55349: Flags [F.], cksum 0x60e6 (correct), seq 38, ack 1, win 245, length 0
192.168.0.7.55349 > 1.2.3.4.9922: Flags [R], cksum 0xfd23 (correct), seq 293920139, win 0, length 0
192.168.0.7.55349 > 1.2.3.4.9922: Flags [R], cksum 0xfd23 (correct), seq 293920139, win 0, length 0
1.2.3.4.9922 > 192.168.0.7.55586: Flags [P.], cksum 0x020c (correct), seq 1:146, ack 207, win 237, length 145
192.168.0.7.55586 > 1.2.3.4.9922: Flags [.], cksum 0x4401 (correct), seq 207, ack 146, win 8187, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [P.], cksum 0x2dea (correct), seq 207:213, ack 146, win 8192, length 6
1.2.3.4.9922 > 192.168.0.7.55586: Flags [.], cksum 0x6309 (correct), seq 146, ack 213, win 237, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [P.], cksum 0xf29a (correct), seq 213:266, ack 146, win 8192, length 53
1.2.3.4.9922 > 192.168.0.7.55586: Flags [.], cksum 0x62d4 (correct), seq 146, ack 266, win 237, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [P.], cksum 0x80b0 (correct), seq 266:303, ack 146, win 8192, length 37
1.2.3.4.9922 > 192.168.0.7.55586: Flags [.], cksum 0x62af (correct), seq 146, ack 303, win 237, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [P.], cksum 0xdb3c (correct), seq 303:393, ack 146, win 8192, length 90
1.2.3.4.9922 > 192.168.0.7.55586: Flags [P.], cksum 0xe93c (correct), seq 146:220, ack 303, win 237, length 74
192.168.0.7.55586 > 1.2.3.4.9922: Flags [.], cksum 0x42fb (correct), seq 393, ack 220, win 8189, length 0
1.2.3.4.9922 > 192.168.0.7.55586: Flags [P.], cksum 0xe61d (correct), seq 220:294, ack 393, win 237, length 74
192.168.0.7.55586 > 1.2.3.4.9922: Flags [.], cksum 0x42b1 (correct), seq 393, ack 294, win 8189, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [P.], cksum 0xf65c (correct), seq 393:515, ack 294, win 8192, length 122
1.2.3.4.9922 > 192.168.0.7.55586: Flags [P.], cksum 0xe031 (correct), seq 294:368, ack 515, win 237, length 74
192.168.0.7.55586 > 1.2.3.4.9922: Flags [P.], cksum 0x148e (correct), seq 515:605, ack 368, win 8189, length 90
1.2.3.4.9922 > 192.168.0.7.55586: Flags [P.], cksum 0x27f8 (correct), seq 368:442, ack 605, win 237, length 74
192.168.0.7.55586 > 1.2.3.4.9922: Flags [.], cksum 0x4149 (correct), seq 605, ack 442, win 8189, length 0
1.2.3.4.9922 > 192.168.0.7.55586: Flags [P.], cksum 0x359d (correct), seq 442:516, ack 605, win 237, length 74
192.168.0.7.55586 > 1.2.3.4.9922: Flags [.], cksum 0x40ff (correct), seq 605, ack 516, win 8189, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [P.], cksum 0x08e6 (correct), seq 605:679, ack 516, win 8192, length 74
1.2.3.4.9922 > 192.168.0.7.55586: Flags [.], cksum 0x5fc5 (correct), seq 516, ack 679, win 237, length 0
1.2.3.4.9922 > 192.168.0.7.55586: Flags [P.], cksum 0x3d91 (correct), seq 516:590, ack 679, win 237, length 74
192.168.0.7.55586 > 1.2.3.4.9922: Flags [.], cksum 0x406b (correct), seq 679, ack 590, win 8189, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [P.], cksum 0x1f0e (correct), seq 679:753, ack 590, win 8192, length 74
1.2.3.4.9922 > 192.168.0.7.55586: Flags [.], cksum 0x5f31 (correct), seq 590, ack 753, win 237, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [F.], cksum 0x401d (correct), seq 753, ack 590, win 8192, length 0
192.168.0.7.55626 > 1.2.3.4.9922: Flags [S], cksum 0x60f7 (correct), seq 3087639388, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 342663537 ecr 0,sackOK,eol], length 0
1.2.3.4.9922 > 192.168.0.7.55626: Flags [S.], cksum 0xdee8 (correct), seq 314960665, ack 3087639389, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
192.168.0.7.55626 > 1.2.3.4.9922: Flags [.], cksum 0x71cb (correct), seq 1, ack 1, win 8192, length 0
192.168.0.7.55626 > 1.2.3.4.9922: Flags [P.], cksum 0xe725 (correct), seq 1:207, ack 1, win 8192, length 206
...1.2.3.4.
1.2.3.4.9922 > 192.168.0.7.55626: Flags [.], cksum 0x9010 (correct), seq 1, ack 207, win 237, length 0
1.2.3.4.9922 > 192.168.0.7.55586: Flags [.], cksum 0x5f30 (correct), seq 590, ack 754, win 237, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [.], cksum 0x401d (correct), seq 754, ack 590, win 8192, length 0
1.2.3.4.9922 > 192.168.0.7.55586: Flags [P.], cksum 0xd071 (correct), seq 590:627, ack 754, win 237, length 37
1.2.3.4.9922 > 192.168.0.7.55586: Flags [F.], cksum 0x5f0a (correct), seq 627, ack 754, win 237, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [R], cksum 0x0e42 (correct), seq 2042192715, win 0, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [R], cksum 0x0e42 (correct), seq 2042192715, win 0, length 0
1.2.3.4.9922 > 192.168.0.7.55626: Flags [P.], cksum 0x9112 (correct), seq 1:146, ack 207, win 237, length 145
192.168.0.7.55626 > 1.2.3.4.9922: Flags [.], cksum 0x7071 (correct), seq 207, ack 146, win 8187, length 0
192.168.0.7.55626 > 1.2.3.4.9922: Flags [P.], cksum 0x5a5a (correct), seq 207:213, ack 146, win 8192, length 6
1.2.3.4.9922 > 192.168.0.7.55626: Flags [.], cksum 0x8f79 (correct), seq 146, ack 213, win 237, length 0
192.168.0.7.55626 > 1.2.3.4.9922: Flags [P.], cksum 0x3594 (correct), seq 213:266, ack 146, win 8192, length 53
1.2.3.4.9922 > 192.168.0.7.55626: Flags [.], cksum 0x8f44 (correct), seq 146, ack 266, win 237, length 0
192.168.0.7.55626 > 1.2.3.4.9922: Flags [P.], cksum 0x53a9 (correct), seq 266:303, ack 146, win 8192, length 37
1.2.3.4.9922 > 192.168.0.7.55626: Flags [.], cksum 0x8f1f (correct), seq 146, ack 303, win 237, length 0
192.168.0.7.55626 > 1.2.3.4.9922: Flags [P.], cksum 0x975e (correct), seq 303:393, ack 146, win 8192, length 90
1.2.3.4.9922 > 192.168.0.7.55626: Flags [P.], cksum 0xc561 (correct), seq 146:220, ack 303, win 237, length 74
192.168.0.7.55626 > 1.2.3.4.9922: Flags [.], cksum 0x6f6b (correct), seq 393, ack 220, win 8189, length 0
1.2.3.4.9922 > 192.168.0.7.55626: Flags [P.], cksum 0x4208 (correct), seq 220:294, ack 393, win 237, length 74
192.168.0.7.55626 > 1.2.3.4.9922: Flags [.], cksum 0x6f21 (correct), seq 393, ack 294, win 8189, length 0
192.168.0.7.55626 > 1.2.3.4.9922: Flags [P.], cksum 0xf722 (correct), seq 393:515, ack 294, win 8192, length 122
1.2.3.4.9922 > 192.168.0.7.55626: Flags [P.], cksum 0xc826 (correct), seq 294:368, ack 515, win 237, length 74
192.168.0.7.55626 > 1.2.3.4.9922: Flags [P.], cksum 0x2fbf (correct), seq 515:605, ack 368, win 8189, length 90
1.2.3.4.9922 > 192.168.0.7.55626: Flags [P.], cksum 0x9bdb (correct), seq 368:442, ack 605, win 237, length 74
192.168.0.7.55626 > 1.2.3.4.9922: Flags [.], cksum 0x6db9 (correct), seq 605, ack 442, win 8189, length 0
1.2.3.4.9922 > 192.168.0.7.55626: Flags [P.], cksum 0x1508 (correct), seq 442:516, ack 605, win 237, length 74
192.168.0.7.55626 > 1.2.3.4.9922: Flags [.], cksum 0x6d6f (correct), seq 605, ack 516, win 8189, length 0
192.168.0.7.55626 > 1.2.3.4.9922: Flags [P.], cksum 0x8234 (correct), seq 605:679, ack 516, win 8192, length 74
1.2.3.4.9922 > 192.168.0.7.55626: Flags [.], cksum 0x8c35 (correct), seq 516, ack 679, win 237, length 0
1.2.3.4.9922 > 192.168.0.7.55626: Flags [P.], cksum 0x012f (correct), seq 516:590, ack 679, win 237, length 74
192.168.0.7.55626 > 1.2.3.4.9922: Flags [.], cksum 0x6cdb (correct), seq 679, ack 590, win 8189, length 0
192.168.0.7.55626 > 1.2.3.4.9922: Flags [P.], cksum 0x90c9 (correct), seq 679:753, ack 590, win 8192, length 74
1.2.3.4.9922 > 192.168.0.7.55626: Flags [.], cksum 0x8ba1 (correct), seq 590, ack 753, win 237, length 0
1.2.3.4.9922 > 192.168.0.7.55626: Flags [P.], cksum 0xe69b (correct), seq 590:664, ack 753, win 237, length 74
192.168.0.7.55626 > 1.2.3.4.9922: Flags [.], cksum 0x6c47 (correct), seq 753, ack 664, win 8189, length 0
192.168.0.7.55626 > 1.2.3.4.9922: Flags [P.], cksum 0x84a2 (correct), seq 753:827, ack 664, win 8192, length 74
1.2.3.4.9922 > 192.168.0.7.55626: Flags [.], cksum 0x8b0d (correct), seq 664, ack 827, win 237, length 0
1.2.3.4.9922 > 192.168.0.7.55626: Flags [P.], cksum 0x79c2 (correct), seq 664:738, ack 827, win 237, length 74
192.168.0.7.55626 > 1.2.3.4.9922: Flags [.], cksum 0x6bb3 (correct), seq 827, ack 738, win 8189, length 0
192.168.0.7.55626 > 1.2.3.4.9922: Flags [P.], cksum 0x8cb1 (correct), seq 827:901, ack 738, win 8192, length 74
1.2.3.4.9922 > 192.168.0.7.55626: Flags [.], cksum 0x8a79 (correct), seq 738, ack 901, win 237, length 0
If you were right and there was a Firewall or something blocking the Ping-Pong mechanism, it should not work at all. As other guys wrote here, the Client Authentication was working with no issue until MR-2.
Anyway, the problem when a policy rule is changed has appeared since the first XG release. So you should investigate why the ping-pong mechanism stops working after a policy rule is changed or when the computer comes back from sleep mode.
If you need to investigate, let me know and I will send you all the logs you need.
Thanks.
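An added example, not part of the thread or of any Sophos tooling: a Python summary of the tcpdump text format posted above, grouping packets by client source port and recording which side sent the first FIN or an RST on each connection to 1.2.3.4:9922. The sample lines are an excerpt of the Mac capture above; the function and field names are assumptions of this example.

```python
import re

# Assumption: the endpoint the auth agent talks to in the captures above.
SERVER_IP, SERVER_PORT = "1.2.3.4", "9922"

# Matches the "src.port > dst.port: Flags [..], ... length N" part of a
# tcpdump text line; a leading timestamp/interface prefix is ignored.
PKT = re.compile(
    r"(\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): "
    r"Flags \[([^\]]+)\].*\blength (\d+)\s*$"
)

# Excerpt of the Mac capture posted above (lines copied as posted).
SAMPLE = """\
192.168.0.7.55349 > 1.2.3.4.9922: Flags [F.], cksum 0x4201 (correct), seq 293920138, ack 1919232177, win 8192, length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [S], cksum 0xe06e (correct), seq 2042191961, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 342598518 ecr 0,sackOK,eol], length 0
1.2.3.4.9922 > 192.168.0.7.55586: Flags [S.], cksum 0xb278 (correct), seq 120890518, ack 2042191962, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
192.168.0.7.55586 > 1.2.3.4.9922: Flags [P.], cksum 0x0a6d (correct), seq 1:207, ack 1, win 8192, length 206
1.2.3.4.9922 > 192.168.0.7.55349: Flags [P.], cksum 0x08fb (correct), seq 1:38, ack 1, win 245, length 37
1.2.3.4.9922 > 192.168.0.7.55349: Flags [F.], cksum 0x60e6 (correct), seq 38, ack 1, win 245, length 0
192.168.0.7.55349 > 1.2.3.4.9922: Flags [R], cksum 0xfd23 (correct), seq 293920139, win 0, length 0
1.2.3.4.9922 > 192.168.0.7.55586: Flags [P.], cksum 0x020c (correct), seq 1:146, ack 207, win 237, length 145
"""


def summarize(text):
    """Group packets by client port and record how each connection ended."""
    flows = {}
    for line in text.splitlines():
        m = PKT.search(line)
        if not m:
            continue  # payload residue such as "...1.2.3.4." is skipped
        src, sport, dst, dport, flags, length = m.groups()
        if (src, sport) == (SERVER_IP, SERVER_PORT):
            side, client = "server", dport
        elif (dst, dport) == (SERVER_IP, SERVER_PORT):
            side, client = "client", sport
        else:
            continue  # unrelated traffic
        flow = flows.setdefault(client, {
            "syn": False, "first_fin": None, "rst_from": None,
            "client_bytes": 0, "server_bytes": 0,
        })
        flow[side + "_bytes"] += int(length)
        if "S" in flags and side == "client":
            flow["syn"] = True  # connection opened inside the capture
        if "F" in flags and flow["first_fin"] is None:
            flow["first_fin"] = side
        if "R" in flags and flow["rst_from"] is None:
            flow["rst_from"] = side
    return flows


def state(flow):
    """One-line verdict for a flow produced by summarize()."""
    if flow["rst_from"]:
        return "reset by " + flow["rst_from"]
    if flow["first_fin"]:
        return "closing, first FIN from " + flow["first_fin"]
    return "open"


if __name__ == "__main__":
    for port, flow in summarize(SAMPLE).items():
        print(port, state(flow), flow)
```

Feeding it a capture taken across a policy change shows, per client port, whether the agent or the firewall ended the old connection and whether a new one was opened.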