Hi All,
Our Firewall drops traffic between client and server randomly and we can't figure out why. Here are configuration and the log info found
Host A is configured as Client
Host B is configured as Server
In the Checkpoint traffic details:
Source: Host B's IP Address
Destination: Host A's IP Address
TCP Packet out of state: First packet isn't SYN
TCP Flags: ACK
If TCP Flags is ACK, this means that the source is trying to send ACK to the destination. But the firewall blocks it because this is not following the TCP 3-way handshake. Is my understanding correct?
If true, why is the source which is configured as the server sending an ACK? Any ideas?
Thank you!
Best regards