Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
FWNinja
Contributor

Private traffic match Internet Object

Hi guys,

specific traffic with a private ip as destination, is matching a rule with the "Internet" object in destination field. This traffic don't pass trough External/DMZ interfaces.

Do you have any ideas?

Thanks and best regards

Francesco

0 Kudos
Reply
11 Replies
PhoneBoy
Admin
Admin

Version/JHF level?
What is the precise rule (screenshot helpful)?
What interfaces does the traffic pass through and how is the topology defined on the relevant interfaces?

0 Kudos
Reply
FWNinja
Contributor

R80.30 take_219 installed.

I attached screenshots.

The traffic pass through "Internal" interfaces ("This Network" in the topology).

Thanks and Best Regards

Francesco

 

0 Kudos
Reply
_Val_
Admin
Admin

Quoting from sk64543:

"Internet" means "include all traffic directed to External or DMZ according to gateway topology".

Internet object, unlike many people expect, do not represent all routable Internet addresses. Instead, it is a sum if all networks that GW does not have defined as internal.

Check your internal networks in question are defined in GW topology. If this is not the case, system is working as designed.

 

0 Kudos
Reply
FWNinja
Contributor

Hi,

Traffic is passing through interfaces defined as "This network" or internal.

So, this traffic should not match policies configured with Internet object in destination field.

Thanks

Francesco

0 Kudos
Reply
_Val_
Admin
Admin

We cannot establish that, since you did not post your GW topology. If you are 100% positive that is the case, raise a TAC support request.

0 Kudos
Reply
FWNinja
Contributor

I attached screenshots.

Thanks

Francesco

0 Kudos
Reply
_Val_
Admin
Admin

Already said above, open a service request.

0 Kudos
Reply

Yeah, give us some more info. For example if it is a private IP but in a peer VPN domain it will be considered external (Internet).

0 Kudos
Reply
FWNinja
Contributor

It's not a VPN traffic.

I attached screenshots in the previous reply.

Thanks and Best Regards

Francesco

0 Kudos
Reply
Ilya_Yusupov
Employee
Employee

Hi @FWNinja ,

 

according to log detail screen shot you matched on Rule 140 but you put screen shot of rule 142.

can you share rule 140?

 

Thanks,

Ilya 

0 Kudos
Reply
FWNinja
Contributor

Hi,

the rule is the same. The customer added 2 rules before and the rule 140 become 142.

Thanks

Francesco

0 Kudos
Reply