Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ilham_Syuhada
Explorer

Management traffic over bridge interface

Hi Everyone,

I have deployment R80.20SP Security Group with two SGMs. The SG is running as bridge with some bridge interfaces and every bridge interfaces are consist of 2 VLAN Interfaces with no IP Address.

Traffic from SG's management interface to internet needs to pass SG bridge interface. The Anti-Virus & Anti-Bot are not able to update database and i found traffic dropped when coming in to bridge interface with following drop log "local interface spoofing" after running sk105899 & disable stateful inspection, no same drop message and appear the new log like this :

[1_02]@;1309518;[cpu_1];[fw4_5];fw_log_drop_ex: Packet proto=6 10.199.10.27:3461 1 -> 23.217.113.224:443 dropped by fw_handle_first_packet Reason: fwconn_key_ini t_links (INBOUND) failed;

Anyone have same experience or know the appropriate SK for this case ?

Thank you.

 

 

0 Kudos
1 Reply
_Val_
Admin
Admin

Please open TAC request for this

0 Kudos