- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- Re: Cloudgaurd R80.10 virtual gw (NSX-V 6.7) drop...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Cloudgaurd R80.10 virtual gw (NSX-V 6.7) droping TCP 3 way handshake's 3rd ACK packet
This is a example test capture and IPs are test IPs.
Client: 10.68.65.230 Server:10.68.86.9:tcp443 is the communication I am looking at.
I want to understand why 3rd ACK [packet 8] doesnt have full chain captured in this "fw monitor" capture.
For example, if you look the first [SYN] you will see all (x0eth2,i1eth2, I7eth2,o1eth2,O8eth2,X0eth2) all packets in the capture.
Why I dont see that full chain for packet number 8?
Does that mean, (the 3rd packet [ACK] of tcp 3 way handshake), is dropped by Cloudguard?
The actual issue is the server (10.68.86.9) never recieves the ACK and hence 3 way tcp handshake never completes from server perspective and hence conenction failing.
Why I am not seeing the full chain for the 8th packet in the attahced is a puzzle to me ??
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That's likely and fw ctl zdebug drop should tell you why if it's not in the logs.