FW 60001 - Default DROP - Hybrid Migration

Question

Hello All, I tried to do an Hybrid Migration from my Exchange to Office365 but the UTM block me with a default drop 60001 on the FW logs. I add three rules on my FW, 40.96.18.18=>ANY=>ANY / EXC=>ANY=>ANY / And finaly ANY=>ANY=>ANY but nothing changed. I'm not happy to see the FW don't care about my FW rules, and it's not the first time the 60001 give me some trouble... 
 Do you know how to disable it ? How maybe how to manage it ? Thank you, have a good day. 
 
 sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="ppp2" srcip="40.96.18.189" dstip="202.22.XXX.XXX" proto="6" length="40" tos="0x00" prec="0x00" ttl="239" srcport="8543" dstport="443" tcpflags="RST" 
 > 2018:02:14-09:15:47 blockade ulogd[5559]: id="2001" severity="info" 
 sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="ppp2" srcip="40.96.18.189" dstip="202.22.XXX.XXX" proto="6" length="40" tos="0x00" prec="0x00" ttl="238" srcport="63171" dstport="443" tcpflags="RST" 
 >

DouglasFoster · Answer

I have been talking with support about similar data recently, and they have assured me that it can be ignored. Here is what I think is happening: 
 1) UTM decides to close the connection and sends a Goodbye packet. 
 2) The remote device is supposed to send a Goodbye confirmation. UTM doesn't care to wait around, so it moves on. 
 3) The remote goodbye packet is received. UTM has already moved on, so the packet is unmatched to any open connection, and is dropped as noise. 
 I think this applies to anything with RST or FIN in the TCP Flags field. I think most of my examples have had an ACK flag as well, but I am suspect the absence of an ACK in your data is not critical.