Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
jacowser
Explorer

Passing traffic through 6200P via bonded and bridged interfaces

We are attempting to deploy a 6200 between Cisco switch stacks via bridged interfaces.  Topology is such that Stack 1 connects to Stack 2 and Stack 3 via separate 2 port Etherchannels).  We have configured the Checkpoint with 2 Bridge interfaces (comprised of 2 bonds each).

2022-04-27_11-50-16.jpg

In limited testing, this deployment appears to be working okay.  However, when attempting to move to production, certain traffic doesn't pass, even with an Any Any allow rule.   There are a lot of "Data received before SYN was acknowledged" entries in the logs.  Any thoughts as to if this is somehow config related to the bridge or bond setups?  There doesn't seem to be much in the way of options when configuring them.

Thanks for any assistance,

Jerry

 

0 Kudos
1 Reply
Chris_Atkinson
Employee
Employee

Those messages often related to a specific protection: "TCP SYN Modified Retransmission" 

It's necessary to understand the specific traffic flow that is triggering this to determine if their is a networking problem or other cause that can be otherwise handled.

Refer also: sk63160: Aggregated TCP logs (Potential Network Configuration Problem) 

0 Kudos