topic Management traffic over bridge interface in Hyperscale Firewall (Maestro) https://community.checkpoint.com/t5/Hyperscale-Firewall-Maestro/Management-traffic-over-bridge-interface/m-p/115377#M464 <P>Hi Everyone,</P><P>I have deployment R80.20SP Security Group with two SGMs. The SG is running as bridge with some bridge interfaces and every bridge interfaces are consist of 2 VLAN Interfaces with no IP Address.</P><P>Traffic from SG's management interface to internet needs to pass SG bridge interface. The Anti-Virus &amp; Anti-Bot are not able to update database and i found traffic dropped when coming in to bridge interface with following drop log "local interface spoofing" after running sk105899 &amp; disable stateful inspection, no same drop message and appear the new log like this :</P><P>[1_02]@;1309518;[cpu_1];[fw4_5];fw_log_drop_ex: Packet proto=6 10.199.10.27:3461 1 -&gt; 23.217.113.224:443 dropped by fw_handle_first_packet Reason: fwconn_key_ini t_links (INBOUND) failed;</P><P>Anyone have same experience or know the appropriate SK for this case ?</P><P>Thank you.</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 06 Apr 2021 11:39:02 GMT Ilham_Syuhada 2021-04-06T11:39:02Z Management traffic over bridge interface https://community.checkpoint.com/t5/Hyperscale-Firewall-Maestro/Management-traffic-over-bridge-interface/m-p/115377#M464 <P>Hi Everyone,</P><P>I have deployment R80.20SP Security Group with two SGMs. The SG is running as bridge with some bridge interfaces and every bridge interfaces are consist of 2 VLAN Interfaces with no IP Address.</P><P>Traffic from SG's management interface to internet needs to pass SG bridge interface. The Anti-Virus &amp; Anti-Bot are not able to update database and i found traffic dropped when coming in to bridge interface with following drop log "local interface spoofing" after running sk105899 &amp; disable stateful inspection, no same drop message and appear the new log like this :</P><P>[1_02]@;1309518;[cpu_1];[fw4_5];fw_log_drop_ex: Packet proto=6 10.199.10.27:3461 1 -&gt; 23.217.113.224:443 dropped by fw_handle_first_packet Reason: fwconn_key_ini t_links (INBOUND) failed;</P><P>Anyone have same experience or know the appropriate SK for this case ?</P><P>Thank you.</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 06 Apr 2021 11:39:02 GMT https://community.checkpoint.com/t5/Hyperscale-Firewall-Maestro/Management-traffic-over-bridge-interface/m-p/115377#M464 Ilham_Syuhada 2021-04-06T11:39:02Z Re: Management traffic over bridge interface https://community.checkpoint.com/t5/Hyperscale-Firewall-Maestro/Management-traffic-over-bridge-interface/m-p/115577#M467 <P>Please open TAC request for this</P> Thu, 08 Apr 2021 12:17:28 GMT https://community.checkpoint.com/t5/Hyperscale-Firewall-Maestro/Management-traffic-over-bridge-interface/m-p/115577#M467 _Val_ 2021-04-08T12:17:28Z