- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
LAN to DMZ policy
i have a LAN to DMZ policy to allow LAN traffic.
but we noticed that there are some traffic that are drop or deny due to threat
what does threat 262144 means ??
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
any one encounter the same issue b4 ?
application = unknown
category = unscanned
protocol = tcp
Action = Deny:IP connection error
security
level = low
threat level = low
threat score 5
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Kinmun,
I'm not sure about the threat part, it could be IPS / IDS or AV that's screwing your connection.
about the IP connection error;
This is probably due to the destination not reacting in time, hence the error. the server does not respond or isn't able to connect in time ( time-out ).
I'v seen it before with HP switches, it turned out that there was a high collision rate on the switch ( in other words, the switch was at max capacity of throughput and therefor started dropping packets ).
you can read more about the IP connection error here : http://kb.fortinet.com/kb/documentLink.do?externalID=FD39321 I would suggest checking the whole path for throughput, and maybe run a sniffer on the fortigate to see what happens with the packet ( syn and ack should come along ).
Good luck!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
the connection is clear after my colleague re-install the zabbix agent on the server.
no more connection error.
issue is at the server.