Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
minhhaivietnam
Collaborator

Error: Server to client packet of an old TCP connection on R80.10

Hello all,

I'm newbie in checkpoint, and I encounter a log of dropping packet like thisUntitled.png

 

Please anyone tell me the reason for this?

Is this because timeout of service is end, while no packet transfers between source and destination?

And what is the original of TCP flasg above(RST): is it in packet (which is just droped) or it is from firewall to tell src and dst close connection?

Can I solve by increase timeout of my service (TCP_5702 above)

Thanks in advance.

 

 

 

 

 

 

 

 

 

 

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

A TCP RST generally means "close the connection" but it has other meanings depending on the precise context.
If there were other flags as part of the packet, they would have been included in the log entry.

Without having a record of the TCP connection in the connections table, which only gets added upon seeing the initial 3-way handshake, we will drop "out of state" TCP packets like this.
TCP connections get removed from the connections table either when we see the closing 3-way handshake OR the connection times out of the connection table, which will happen (by default) if there is no activity on the connection for 3600 seconds (one hour).

Yes, you can increase the TCP timeout, either globally or on a per-service basis.
Whether that will solve the problem in your case depends on a number of factors, but that's usually where people start.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events