Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Madmaks
Contributor

Can not access to secondary firewall via 4434 web port

Hi All,

I can access to Primary firewal via ssh or webport(4434) but  I can not access to Secondary firewall via webport 4434. No problem for ssh for secondary firewall.

 

When I run Tcpdump on Secondary firewall, it seems like below, firewall look like refused my request.

 

[Expert@FW2:0]# tcpdump -nni any port 4434
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
11:47:03.117833 IP 192.168.10.221.50383 > 192.168.1.4.4434: Flags [S], seq 3186800256, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:47:03.118832 IP 192.168.1.4.4434 > 192.168.10.221.50383: Flags [R.], seq 0, ack 3186800257, win 0, length 0
11:47:03.118832 IP 192.168.10.221.50384 > 192.168.1.4.4434: Flags [S], seq 3423484587, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:47:03.119831 IP 192.168.1.4.4434 > 192.168.10.221.50384: Flags [R.], seq 0, ack 3423484588, win 0, length 0
11:47:03.371832 IP 192.168.10.221.50385 > 192.168.1.4.4434: Flags [S], seq 1634878868, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:47:03.372831 IP 192.168.1.4.4434 > 192.168.10.221.50385: Flags [R.], seq 0, ack 1634878869, win 0, length 0
11:47:03.635832 IP 192.168.10.221.50384 > 192.168.1.4.4434: Flags [S], seq 3423484587, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0

 

R81.20  and jumbo 76 installed

 

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

Clearly something is sending a TCP Reset.
Can you confirm access works correctly if you fail over to the secondary node?

0 Kudos
the_rock
Legend
Legend

Does chaning the port make any difference?

Andy

0 Kudos
the_rock
Legend
Legend

Hey @Madmaks Were you able to figure this out?

Andy

0 Kudos
CheckPointerXL
Advisor
Advisor

did the 192.168.1.* network belong to the first fw's interface hitted by your packet flow?

 
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events