Does our firewall have the capability for State Packet Inspection?

Hello Everyone,

I would like to know if someone knows how to fix these Default DROP rules below.

Current setup:

WAN IP --- 192.168.1.230/24 - UTM Outgoing Interface

LAN IP ---- 172.20.147.250/24 - Local Gateway UTM

Test PC ---- 172.20.147.210

If you notice, traffic from the LAN going to the Internet is good, but the return path must go to the WAN IP address first. The port number is the same, 57253, which was created as a random source port. Kindly advise what the best practice is to fix this issue.

Thanks for your time.

-Joe



  • Hi Joe,

    If you are seeing dropped return packets, check what the packet type is. If they are RST, FIN or ACK FIN packets, then the UTM has already statefully detected that the communication was closed from the client end, so any other packets received from the web server, whether because they are out of order or otherwise, will just be dropped by the UTM because it knows the connection was shut off before these packets were received.

    Emile
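
Added example, not part of the original thread: one way to run the check suggested above over a drop log, separating RST/FIN drops that arrive after a connection has closed from drops that a closed connection does not explain. The log lines are constructed, and the `key="value"` layout and field names (`action`, `proto`, `tcpflags`, and so on) are assumptions to adapt to your own log format.

```python
import re
from collections import Counter

# Constructed sample drop-log lines (not from the thread). The key="value"
# layout and the field names are assumptions; adapt FIELD to your log format.
SAMPLE_LOG = """\
name="Packet dropped" action="drop" srcip="203.0.113.10" dstip="192.168.1.230" proto="6" srcport="443" dstport="57253" tcpflags="ACK FIN"
name="Packet dropped" action="drop" srcip="203.0.113.10" dstip="192.168.1.230" proto="6" srcport="443" dstport="57253" tcpflags="RST"
name="Packet dropped" action="drop" srcip="198.51.100.7" dstip="192.168.1.230" proto="6" srcport="40111" dstport="23" tcpflags="SYN"
name="Packet dropped" action="drop" srcip="203.0.113.10" dstip="192.168.1.230" proto="6" srcport="443" dstport="57254" tcpflags="ACK PSH"
name="Packet dropped" action="drop" srcip="203.0.113.53" dstip="192.168.1.230" proto="17" srcport="53" dstport="40000"
"""

FIELD = re.compile(r'(\w+)="([^"]*)"')
TEARDOWN_FLAGS = {"RST", "FIN"}


def classify(line):
    """Return (flow, verdict) for a dropped TCP packet, or None otherwise."""
    f = dict(FIELD.findall(line))
    if f.get("action") != "drop" or f.get("proto") != "6":
        return None  # not a drop, or not TCP (no flags to inspect)
    flags = set(f.get("tcpflags", "").split())
    if flags & TEARDOWN_FLAGS:
        verdict = "late-teardown"    # RST/FIN for a connection already closed
    elif flags == {"SYN"}:
        verdict = "unsolicited-syn"  # new inbound attempt, not return traffic
    else:
        verdict = "investigate"      # not explained by a closed connection
    flow = (f.get("srcip"), f.get("srcport"), f.get("dstip"), f.get("dstport"))
    return flow, verdict


def summarize(log_text):
    """Count verdicts per flow so teardown noise separates from other drops."""
    per_flow = {}
    for line in log_text.splitlines():
        result = classify(line)
        if result:
            flow, verdict = result
            per_flow.setdefault(flow, Counter())[verdict] += 1
    return per_flow


if __name__ == "__main__":
    for flow, verdicts in summarize(SAMPLE_LOG).items():
        print(flow, dict(verdicts))
```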
