Is the WAN connection PPPoE?
Or are you using any of the following IPS protections:
* When IPS protection "SYN Attack" ("SYNDefender") is activated in SmartDefense / IPS.
* When IPS protection "Small PMTU" is activated in SmartDefense / IPS.
* When IPS protection "Network Quota" is activated in SmartDefense / IPS (refer to sk31630).
* When IPS protection "Malicious IPs" (DShield.org Storm Center) is activated in SmartDefense / IPS (because it uses Dynamic Objects).
Please also share the following output to start:
[Expert@MyGW:0]# fwaccel stat
CCSM R77/R80/ELITE