https://community.checkpoint.com/t5/Firewall-and-Security-Management/Evil-Ping-ICMP-and-TCP-Ephemeral-dropped-packet/m-p/144239#M22455 <P>Hi Expert,</P><P>I am trying to reach from source to destination on port 22 but in tracker, opposite direction traffic is showing as source port 22 and destination port TCP-Ephemeral-32768-61000 which is dropping by Firewall. attached is the tracker logs.</P><P>What could be the reason of this issue ? Please advice.</P> Mon, 21 Mar 2022 02:36:00 GMT shamimalam 2022-03-21T02:36:00Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Evil-Ping-ICMP-and-TCP-Ephemeral-dropped-packet/m-p/144239#M22455 <P>Hi Expert,</P><P>I am trying to reach from source to destination on port 22 but in tracker, opposite direction traffic is showing as source port 22 and destination port TCP-Ephemeral-32768-61000 which is dropping by Firewall. attached is the tracker logs.</P><P>What could be the reason of this issue ? Please advice.</P> Mon, 21 Mar 2022 02:36:00 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Evil-Ping-ICMP-and-TCP-Ephemeral-dropped-packet/m-p/144239#M22455 shamimalam 2022-03-21T02:36:00Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Evil-Ping-ICMP-and-TCP-Ephemeral-dropped-packet/m-p/144311#M22456 <P>If you're not seeing the outbound port 22 connection in the logs, it could easily be an asymmetric routing situation.<BR />Have you verified with tcpdump the entire flow is coming through the gateway?</P> Mon, 21 Mar 2022 15:16:19 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Evil-Ping-ICMP-and-TCP-Ephemeral-dropped-packet/m-p/144311#M22456 PhoneBoy 2022-03-21T15:16:19Z