Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
amdhim0004
Contributor

dropped by misp_rt_chain ?

Jump to solution

Hello All,

 

Can you please help me to understand the below debug.

 

[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=47 65.**.**.123:0 -> 165.**.**.12:2048 dropped by misp_rt_chain Reason: Interface is inactive;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=47 65.**.**.123:0 -> 165.**.**.12:2048 dropped by misp_rt_chain Reason: Interface is inactive;

 

 

Not sure what dropped by misp_rt_chain means. 

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

You can set it on a per service basis or per management domain, not per gateway.

View solution in original post

5 Replies
Timothy_Hall
Champion
Champion

"Multiple ISP" aka ISP Redundancy.  I'm guessing "rt" stands for routing, as in the packet can't be routed to one of your ISPs as the interface associated with that ISP is not working or defined incorrectly.

New 2021 IPS/AV/ABOT Immersion Self-Guided Video Series
now available at http://www.maxpowerfirewalls.com
amdhim0004
Contributor

Thanks @Timothy_Hall 

Yes, that's right we have 2 ISPs on that device.

Also, Primary ISP was down during the logs.

But why this traffic is still trying to go out via primary ISP when it was down?

Is anything related to old connections, Any suggestion?

0 Kudos
PhoneBoy
Admin
Admin
amdhim0004
Contributor

Hi @PhoneBoy 

Thanks for your response. Understood old connection should be trimmed out or should be reinitiated. 

Do we have any option to change the connection timer based on a protocol to a specific gateway?

 

(We can do the same from CMA global properties but that will be global. is there any option to do the same on gateway level)  

0 Kudos
PhoneBoy
Admin
Admin

You can set it on a per service basis or per management domain, not per gateway.