Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 2494 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM pinging VPN Server

xeonic
Hi,

I have a dedicated PC that I use to connect to a VPN service, the PC uses Ubuntu and OpenVPN. I have it setup to use to connect to a remote server using port 1194. I have the appropriate firewall rule setup in the UTM and I can connect and use the VPN service without issue. However, I have noticed that while I am connected to the VPN, the UTM constantly pings the remote VPN server IP address. I have hundreds of dropped ICMP packets that look like such in the firewall log:

21:14:25 Default DROP ICMP  →  len=576 ttl=64 tos=0x00 srcmac=0:xx:xx:xx:xx:xx

Why would the UTM itself be pinging the VPN server? The VPN configuration/connection has nothing to do with the UTM other then allowing the VPN traffic to pass-through from the PC to the remote VPN server.

Thanks.


This thread was automatically locked due to age.
  • 0
    Hi,

    do you have configured a network object in your utm for the remote vpn server - maybe an availability group object?

    Regards
    Manfred
  • 0 in reply to Hallowach2
    Hi Manfred,

    I do not have a network object defined for the remote VPN server.

    Thanks.
  • 0
    Please always remember to state the exact version - 9.105-9?

    Alone among all of the Live Logs, the Firewall Live Log presents a small portion of the data in a more-readable format.  This allows you to spot problems, but not to analyze them.  Please post the same line from the full Firewall log file from yesterday.

    Cheers - Bob
  • 0 in reply to BAlfson
    My apologizes Bob, I am indeed running 9.105-9 on my own hardware.

    Here is the the full record from the firewall log:

    2013:09:29-21:14:25 router ulogd[4630]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="0:xx:xx:xx:xx:xx" srcip="" dstip="" proto="1" length="576" tos="0x00" prec="0xc0" ttl="64" type="11" code="1"

    Thanks.