topic Re: Violated unidirectional connection in Spark Firewall (SMB)

Violated unidirectional connection

Frank_Hauser — Wed, 03 Oct 2018 17:28:38 GMT

I'm desperately looking for an error in my CP 600 R77.20.80 configuration.
My clients don't get the latest internet time anymore.
In the log at service ntp/123 inbound I see "Violated unidirectional connection".
Can anyone help me?
Thank you,
Frank.

Re: Violated unidirectional connection

AlekseiShelepov — Wed, 03 Oct 2018 19:31:13 GMT

UDP Traffic on 600 / 700 appliances is dropped due to "Violated Unidirectional Connection"

Re: Violated unidirectional connection

Vladimir — Thu, 04 Oct 2018 02:58:56 GMT

If the situation you are experiencing is similar to the one described in the SK Aleksei Shelepov‌ have referred to, you are better off configuring your clients to get their time from external NTP servers, same as your internal network is using as reference source.

So long as this is the only UDP service you are experiencing problem with, it should solve your issues.

Re: Violated unidirectional connection

Nicolay_Astasho — Wed, 21 Nov 2018 08:12:59 GMT

Go to Service > create that specific UDP port service > go to advanced and tick "Accept Replies". Then go to policy and create new incoming rule (unless already created) using that specific port (service that you created).

Re: Violated unidirectional connection

Ricardo_Gros — Wed, 21 Nov 2018 09:11:09 GMT

You need to have a specific rule accepting this traffic on your rule set, you also should do as Nicolay is stating and create a specific service accepting udp replies.

Re: Violated unidirectional connection

HCL_Security_Te — Mon, 22 Jul 2019 10:13:13 GMT

Specific rule is works nice, Thanks for the solution. 🙂