
TCP port reuse between Check Point Remote Access Gateway and Loadbalancer

Question asked by Dialungana Malungo on Feb 7, 2019
Latest reply on Feb 10, 2019 by Timothy Hall

Dear Mates

 

I need a hand.

 

We are currently having an issue with one of our applications that is accessed through Check Point Endpoint Security. The application is behind a loadbalancer which then distributes the traffic to the servers where the applications are running.

We are doing NAT of the Office Pool with the VPN gateway internal address. So the IP that reaches the Load balancer is the IP of the VPN Gateway, which is then NATTed by the load balancer.

The issue is that the application sometimes works and other times it stops working. I did capture the traffic when it stops working, and the message I see is:

 

[Expert Info (Note/Sequence): A new tcp session is started with the same ports as an earlier session in this trace]
[A new tcp session is started with the same ports as an earlier session in this trace]

 

10.25.193.214 is the IP of the Loadbalancer

192.168.1.1 is the IP of the RA VPN gateway

 

I need help to know if the port is being reused by the Firewall or the LoadBalancer, and how this situation could be resolved.

 

Thanks in advance
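
The Wireshark note quoted in the question is raised on a SYN whose addresses and ports match an earlier session in the trace but whose initial sequence number differs. As an added example (not part of the original post, and run over constructed packet records rather than the poster's capture), this script applies that check and reports which host sent the SYN, since that host is the one that chose the source port. The `Pkt` record layout and the function name are assumptions made for the example.

```python
from collections import namedtuple

Pkt = namedtuple("Pkt", "ts src sport dst dport flags seq")

# Constructed sample records (not taken from the poster's capture).
# The two addresses are the ones named in the post; ports, times and
# sequence numbers are made up for illustration.
GW, LB = "192.168.1.1", "10.25.193.214"
TRACE = [
    Pkt(0.000, GW, 40001, LB, 443, "S", 1000),
    Pkt(0.001, LB, 443, GW, 40001, "SA", 9000),
    Pkt(0.002, GW, 40001, LB, 443, "A", 1001),
    Pkt(5.000, GW, 40001, LB, 443, "FA", 1500),
    Pkt(5.300, GW, 40002, LB, 443, "S", 2000),
    Pkt(6.300, GW, 40002, LB, 443, "S", 2000),   # retransmitted SYN, same ISN
    Pkt(20.000, GW, 40001, LB, 443, "S", 7777),  # same 4-tuple, new ISN
]

def find_port_reuse(packets):
    """Return one finding per SYN that reuses an earlier 4-tuple with a new ISN."""
    seen = {}      # 4-tuple -> (time of the last SYN, its initial sequence number)
    findings = []
    for p in packets:
        if p.flags != "S":          # only a bare SYN opens a new session
            continue
        key = (p.src, p.sport, p.dst, p.dport)
        if key in seen and seen[key][1] != p.seq:
            findings.append({
                "chosen_by": p.src,  # the SYN sender picked the source port
                "sport": p.sport,
                "server": f"{p.dst}:{p.dport}",
                "gap_s": round(p.ts - seen[key][0], 3),
            })
        seen[key] = (p.ts, p.seq)
    return findings

if __name__ == "__main__":
    for finding in find_port_reuse(TRACE):
        print(finding)
```

The `gap_s` value shows how soon the same source port came back for the same destination, which is the figure to compare against the connection-tracking timeouts of the devices on the path.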
