This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Muazzam
Contributor
Contributor
‎2021-08-30 08:55 AM

Port re-use issue on R80.20

Hardware: 13800 or 23500
OS: GAIA R80.20 T103 or T161
Blades: Only FW


Overall utilization of the firewall is low, throughput around 100-200 Mbps, cores mostly in single digits.
Interface drops: Some drops but less than 0.001%

We have similar issues on multiple firewalls but not able to find any clear SK on our issue.
What we found is that firewall use the same NAT source port before a previous connection has completely expires and this cause a drop on the vendor side among other symptoms we have seen.

There are other factors that we are considering as the traffic goes from end-user to proxy to load balancer, multiple NAT's involved, finally traffic goes to out to the external vendor.

Just wondering if anyone has seen the port NAT source port re-use issue?
I heard that R80.40 works in a different way for allocating the NAT ports?

0 Kudos
2 Replies
the_rock
Legend
Legend
‎2021-08-30 10:57 AM

I have a feeling below might be your solution...but if not, you may wish to contact TAC possibly and confirm.

 

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos
Muazzam
Contributor
Contributor
‎2021-08-30 01:50 PM
In response to the_rock

The SK looks related to this issue.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    Virtual

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82
    Virtual

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Thu 25 Apr 2024 @ 10:00 AM (CEST)

    The Anatomy of a Cloud Hack by NotSoSecure - EMEA Session

    Thu 25 Apr 2024 @ 06:00 PM (IDT)

    The Anatomy of a Cloud Hack by NotSoSecure - America Session
    Virtual

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap
    Virtual

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    Virtual

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82
    Virtual

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap
    Virtual

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap
    Virtual

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    Virtual

    Thu 02 May 2024 @ 04:00 PM (CEST)

    CheckMates Live DACH - Keine Kompromisse - Sicheres SD-WAN
    Virtual

    Thu 02 May 2024 @ 05:00 PM (CEST)

    SASE Masters: Deploying Harmony SASE for a 6,000-Strong Workforce in a Single Weekend
    CheckMates Events