AnsweredAssumed Answered

Drops on accept rule

Question asked by Jon Dyke on Aug 22, 2018
Latest reply on Aug 24, 2018 by Valeri Loukine

Hi All

 

I am currently having a very odd issue that I cannot get to the bottom of on pair of R80.10 gateways.  I am seeing 'weird drops' on rules which are actually accept rules.

 

Here is one example:-

I open a browser on 192.168.3.14 and go to Intel.com. 

 

The site opens ok but :-

fw ctl zdebug drop | grep 192.168.3.14

 

shows:-

 

;[cpu_0];[fw4_1];fw_log_drop_ex: Packet proto=6 192.168.3.14:50702 -> 34.238.108.124:443 dropped by fw_send_log_drop Reason: Rulebase drop - on layer "Site0-Simplified-Policy Secur" rule 3;

 

Rule 3 is an accept rule!!!!

 

Any help appreciated.

 

Thanks

 

Jon

Outcomes