This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Luciano_Cirino
Contributor
‎2023-07-31 05:20 AM

Problem with asymmetry

Good morning everyone,

We are facing an issue with a specific access. When trying to access it, the packet that should exit through the eth8.7 interface, one of the providers we have, is going out through another interface that is not configured.

Problem with asymmetry? Has anyone experienced this before?

Below is an image with the packet capture details.

0 Kudos
10 Replies
Chris_Atkinson
Employee Employee
Employee
‎2023-07-31 05:24 AM

More details are likely required about your configuration, things like NAT and ISP redundancy config?

What does your routing table show as the correct egress path for the destination?

CCSM R77/R80/ELITE
the_rock
Legend
Legend
‎2023-07-31 05:51 AM

Make sure topology is correct and routes are also indeed right. Run ip r g command, ie ip r g 8.8.8.8

Andy

0 Kudos
the_rock
Legend
Legend
‎2023-07-31 06:02 AM

Also, Im little confused by your statement "...is going out through another interface that is not configured"

How is that even possible?

Andy

0 Kudos
Luciano_Cirino
Contributor
‎2023-07-31 11:00 AM
In response to the_rock

I'm sorry for the lack of details in the previous explanation.

The packet enters through the interface eth8.7 (link A), goes through the inspection and NAT flow correctly, and then it is returned through eth8.8 (link B).

0 Kudos
the_rock
Legend
Legend
‎2023-07-31 11:16 AM
In response to Luciano_Cirino

Question...is this brand new issue or just started recently? Any changes made?

 

Andy

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2023-07-31 04:19 PM
In response to Luciano_Cirino

Can you please show the routing table output for this destination also is there any PBR configured that would match this traffic?

CCSM R77/R80/ELITE
0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2023-07-31 06:39 AM

I would involve CP TAC asap to get this fixed...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Luciano_Cirino
Contributor
‎2023-07-31 11:00 AM
In response to G_W_Albrecht

We would like to inform you that we are already in contact with the TAC. Thank you.

the_rock
Legend
Legend
‎2023-07-31 12:04 PM
In response to Luciano_Cirino

What was done with TAC so far?

Andy

0 Kudos
the_rock
Legend
Legend
‎2023-07-31 05:56 PM
In response to Luciano_Cirino

If you could send us below from expert mode, would help, for sure.

route

netstat -nr

clish -c "show route all"

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top