Unknown block “to any no-df max-mss 1400 fragment reassemble”

deleted

Hello everyone,

I have a lot of entries in the log and I’m not sure yet how they’re generated or if this is even a problem at all:

When I hover over the entry in the dashboard with the mouse, the following is displayed:

In the logs, it looks like this:

Traffic from every port and every NIC is affected.
I have turned off VPN and anything else that might be blocking it, but without success.

Furthermore, the block description only appears in the pop-up. Not in the log.

A search online for “scrub from <vpn_networks:*> to any no-df max-mss 1400 fragment reassemble” was unsuccessful, except for one reference to the “Disable Firewall Scrub” function in the advanced settings.

Scrub is usually disabled. However, changing this setting does not resolve the issue.

Does anyone know what this is?

marcosm

The widget doesn't do a good job matching the right rule in some situations. The one from the log page is correct.

deleted

@marcosm

Thanks for the info.

But what exactly does that tell me?
I haven't actively made any changes to the configuration, and it happens even when I don't have any block systems active.

Except for the FW itself, of course.

tinfoilmatt

Need to see block details.

deleted

Sorry for the delay.

An update to Sense “fixed” the problem—but I suspect the issue was caused by the client rather than Sense.