hi
i need some assistance, one of my voice systems are trying to talk out the wan to a collector, after running a debug i see the following
# 2018-11-01 15:58:35 id=20085 trace_id=1 func=print_pkt_detail line=4903 msg="vd-root received a packet(proto=6, 10.250.39.4:4320->10.202.19.5:39013) from Voice_1. flag [.], seq 3567147422, ack 2872486997, win 8192" 2018-11-01 15:58:35 id=20085 trace_id=1 func=vf_ip_route_input_common line=2583 msg="find a route: flag=04000000 gw-192.168.102.201 via WAN_Ext" 2018-11-01 15:58:35 id=20085 trace_id=1 func=fw_forward_dirty_handler line=324 msg="no session matched" 2018-11-01 15:58:45 id=20085 trace_id=2 func=print_pkt_detail line=4903 msg="vd-root received a packet(proto=6, 10.250.39.4:4320->10.202.19.5:39013) from Voice_1. flag [.], seq 3567147422, ack 2872486997, win 8192" 2018-11-01 15:58:45 id=20085 trace_id=2 func=vf_ip_route_input_common line=2583 msg="find a route: flag=04000000 gw-192.168.102.201 via WAN_Ext" 2018-11-01 15:58:45 id=20085 trace_id=2 func=fw_forward_dirty_handler line=324 msg="no session matched"
if anyone can assist is will be very helpfull, i even tried pushing up the seesion timeout but without any luck.
This came up a whiel since they are "Ack" and no session in the table, fortigate is dropping the session
Do you see a pattern? { same hosts, same ports,same seq#,etc..)
The log sample seems to indicate these are a loop of the same traffic flow
https://forum.fortinet.com/tm.aspx?m=112084
PCNSE
NSE
StrongSwan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.