This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Muazzam
Contributor
Contributor
‎2021-08-30 08:55 AM

Port re-use issue on R80.20

Hardware: 13800 or 23500
OS: GAIA R80.20 T103 or T161
Blades: Only FW


Overall utilization of the firewall is low, throughput around 100-200 Mbps, cores mostly in single digits.
Interface drops: Some drops but less than 0.001%

We have similar issues on multiple firewalls but not able to find any clear SK on our issue.
What we found is that firewall use the same NAT source port before a previous connection has completely expires and this cause a drop on the vendor side among other symptoms we have seen.

There are other factors that we are considering as the traffic goes from end-user to proxy to load balancer, multiple NAT's involved, finally traffic goes to out to the external vendor.

Just wondering if anyone has seen the port NAT source port re-use issue?
I heard that R80.40 works in a different way for allocating the NAT ports?

0 Kudos
2 Replies
the_rock
Legend
Legend
‎2021-08-30 10:57 AM

I have a feeling below might be your solution...but if not, you may wish to contact TAC possibly and confirm.

 

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos
Muazzam
Contributor
Contributor
‎2021-08-30 01:50 PM
In response to the_rock

The SK looks related to this issue.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events