AnsweredAssumed Answered

NAT Issue after R80.20 Upgrade

Question asked by Yuri Malkov on Dec 3, 2018
Latest reply on Dec 3, 2018 by Dameon Welch-Abernathy

Hello Experts,

 

We upgraded to R80.20 on our manager and cluster. We have very weird behavior on incoming and outgoing trafic for a few NAT addresses. We are using manual NAT with some proxy arp entries configured in gaia. Some NAT are working but some are not working anymore.

 

What we see in fw monitor is i/I/o only and the NATed IP in "o" (secure xl disabled during capture). No logs in Smart Log fot this trafic. No logs in fw ctl zdebug drop. Output of fw ctl arp is "No proxy arp entries". The firewall does not reply to arp request, devices on the same segment do not have arp entries for this IP. Merge proxy arp is ticked in global properties.

 

Any idea is welcome. Thank you.

Outcomes