Cloudgaurd R80.10 virtual gw (NSX-V 6.7) droping TCP 3 way handshake's 3rd ACK packet

This is a example test capture and IPs are test IPs.

Client:     Server: is the communication I am looking at.

I want to understand why 3rd ACK [packet 8] doesnt have full chain captured in this "fw monitor" capture.

For example, if you look the first [SYN] you will see all (x0eth2,i1eth2, I7eth2,o1eth2,O8eth2,X0eth2) all packets in the capture.

Why I dont see that full chain for packet number 8?

Does that mean, (the 3rd packet [ACK] of tcp 3 way handshake),  is dropped by Cloudguard?

The actual issue is the server ( never recieves the ACK and hence 3 way tcp handshake never completes from server perspective and hence conenction failing.

Why I am not seeing the full chain for the 8th packet in the attahced is a puzzle to me ??



0 Kudos
1 Reply

That's likely and fw ctl zdebug drop should tell you why if it's not in the logs.

0 Kudos