- Products
- Learn
- Local User Groups
- Partners
- More
Introduction to Lakera:
Securing the AI Frontier!
Quantum Spark Management Unleashed!
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
SharePoint CVEs and More!
This proves what you have said already, but does not bring any additional info, other than it seem you are using Modbus TCP over port 502.
According to the specifications, Server should not send ACK, see page 17 here: https://modbus.org/docs/Modbus_Messaging_Implementation_Guide_V1_0b.pdf
I suggest running traces to prove the dropped packet is indeed ACK and not ACK-FIN, when coming from the server. If it is, you need to talk to the application owners, of you can try disabling stateful inspection selectively as mentioned above.
If server actually sends something other than a clean ACK, but FW considers it to be ACK and drops it eventually, you need to take it with TAC
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
