We are having CP 23k chassis and running VSX on it. We are also having 3 layer security architecture. Since last 2-3 days users are complaining about major access (intranet or internet etc.) not working and problem is growing further and further. When i performed fw ctl drop debugs on DMZ-VS i encountered below error messages:
;[vs_7];[tid_0];[fw4_0];fw_log_drop_ex: Packet proto=6 <ip>:64062 -> ,ip>:80 dropped by fw_send_log_drop Reason: Rulebase - ERROR;
;[vs_7];[tid_0];[fw4_0];[ERROR]: up_rulebase_should_drop_possible_on_SYN: conn dir 0, <ip>:52193 -> ,<ip>:80, IPP 6 required_4_match = 0x100200, not expected required_4_match = 0x100000;
VS-7 is our DMZ VS. I have tried to google for this error message but there is no useful information available. I have already raised TAC case with Diamond support. But wondering if someone has encountered this kind of issue and can advise what root cause and solution can be?
Any help or information is much appreciated.