Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
LostBoY
Advisor
Jump to solution

Ping Response for Trusted Network

Hello,

 

I have a Cluster with R80.40 .. the requirement is to define an internal Network as a trusted NW on eth1 in the Network Management - Topology.

So i ran a continuous ping from Src to Destination and the Src NW is defined as a Trusted Source under Eth1 Topology.

But the issue is after i install the policy i can only see the first packet of ping in the logs while the ping is successfully running on the Source Machine.

When i remove this NW from topology .. all ping packets are seen in logs

 

How can i see all the ping packets in logs and not just the first packet.

0 Kudos
1 Solution

Accepted Solutions
Maarten_Sjouw
Champion
Champion
You will not see all packets as they are seen as part of 1 session.
When you would see each and every ping packet of a session, your logs would be filling very rapidly.
The reason you see all drops is due to the fact it does not keep information about sessions on dropped packets, so every new ping packet will be seen as a separate, to be examined, packet.
Regards, Maarten

View solution in original post

3 Replies
Maarten_Sjouw
Champion
Champion
You will not see all packets as they are seen as part of 1 session.
When you would see each and every ping packet of a session, your logs would be filling very rapidly.
The reason you see all drops is due to the fact it does not keep information about sessions on dropped packets, so every new ping packet will be seen as a separate, to be examined, packet.
Regards, Maarten
LostBoY
Advisor
So is this expected behavior on Checkpoint ? cause on Cisco i have seen logs for every single packet while running a continuous ping
0 Kudos
Maarten_Sjouw
Champion
Champion
Indeed expected behaviour.
Regards, Maarten

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events