cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Krishna
Iron

Post-Encrypt traffic is not visible in Fw monitor. Other end FW is not receiving traffic sent by me

Below are the logs collected from the primary gateway of my firewall. In "O" the source IP is getting NATed to the NAT IP and then pre-encrypt is shown and not receiving the POST-encrpt packet.The other end firewall is not observing any traffic.

 

 

[vs_0][fw_2] eth1:i[60]: 10.140.96.6 -> 10.232.144.14 (TCP) len=60 id=42611
TCP: 40768 -> 515 .S.... seq=24587d9c ack=00000000
[vs_0][fw_2] eth1:I[60]: 10.140.96.6 -> 10.232.144.14 (TCP) len=60 id=42611
TCP: 40768 -> 515 .S.... seq=24587d9c ack=00000000
[vs_0][fw_2] eth0:o[60]: 10.140.96.6 -> 10.232.144.14 (TCP) len=60 id=42611
TCP: 40768 -> 515 .S.... seq=24587d9c ack=00000000
[vs_0][fw_2] eth0:O[60]: 10.40.112.6 -> 10.232.144.14 (TCP) len=60 id=42611
TCP: 40768 -> 515 .S.... seq=24587d9c ack=00000000
[vs_0][fw_2] eth0:e[60]: 10.40.112.6 -> 10.232.144.14 (TCP) len=60 id=42611
TCP: 40768 -> 515 .S.... seq=24587d9c ack=00000000

0 Kudos
3 Replies
Admin
Admin

Re: Post-Encrypt traffic is not visible in Fw monitor. Other end FW is not receiving traffic sent by

Have you done any fw ctl debug by chance?
You might also add -p all to your fw monitor CLI.
Some fw ctl debug: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
0 Kudos

Re: Post-Encrypt traffic is not visible in Fw monitor. Other end FW is not receiving traffic sent by

Really sounds like the tunnel is down, have you checked with vpn tu
Is anything showing (is it logged?) in the logs?
Regards, Maarten
0 Kudos
Highlighted
Krishna
Iron

Re: Post-Encrypt traffic is not visible in Fw monitor. Other end FW is not receiving traffic sent by

The issue is interlinked with another issue(link below) and once that is resolved, this got resolved automatically.

https://community.checkpoint.com/t5/CloudGuard-IaaS/The-NAT-issue-on-CP-firewall-deployed-in-the-Azu...
0 Kudos