Routing issue - Static routes needed?
-
Ok, I will try that tomorrow, have to leave now.
Regarding the strange delay:
- First 5 seconds might be till password prompt appears (I don't really know what happens there in the backend)
- Next 10 seconds delay is me entering password
At least I guess that's it,…
-
Actually, it just occurred to me that even though the LAN interface is set to forward all local traffic, because there might be an interpretation in the word "local", the traffic is actually destined to a different subnet, so technically it isn't local.
That being said, the firewall IS inspecting the traffic and IS making a state entry for it.
The responses from the RHS firewall aren't going back to the LHS firewall, but instead being sent directly to the client.
Because of this, the LHS firewall eventually times out the state and stops forwarding the traffic.
As to why it works with certain files but not others… that requires more investigation.
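One way to check a capture taken on the LHS firewall for the one-way pattern described in the post above, added here as an example that is not part of the thread. The addresses, ports and packet records are constructed, and `asymmetric_flows` is a hypothetical helper name.

```python
# Constructed sample (not from the thread): TCP packets as seen on the LHS
# firewall's LAN interface. Fields: time_s, src, sport, dst, dport, flags.
CAPTURE = [
    # Client -> server on the other subnet; replies never cross this firewall.
    (0.00, "192.168.1.50", 51000, "192.168.2.10", 445, "S"),
    (0.01, "192.168.1.50", 51000, "192.168.2.10", 445, "A"),
    (0.02, "192.168.1.50", 51000, "192.168.2.10", 445, "PA"),
    (5.00, "192.168.1.50", 51000, "192.168.2.10", 445, "PA"),
    # Symmetric flow for contrast: the SYN-ACK is visible here.
    (1.00, "192.168.1.50", 51001, "192.168.3.8", 443, "S"),
    (1.02, "192.168.3.8", 443, "192.168.1.50", 51001, "SA"),
    (1.03, "192.168.1.50", 51001, "192.168.3.8", 443, "A"),
    # Unanswered SYNs (host down): one-way, but not evidence of asymmetry.
    (2.00, "192.168.1.50", 51002, "192.168.2.99", 22, "S"),
    (3.00, "192.168.1.50", 51002, "192.168.2.99", 22, "S"),
]


def asymmetric_flows(packets):
    """Flows where the initiator ACKs a handshake whose replies were never seen.

    The initiator can only send ACKs after its SYN if it received a SYN-ACK,
    so ACKs with zero reverse packets mean the replies took another path.
    """
    flows = {}
    for _ts, src, sport, dst, dport, flags in sorted(packets):
        a, b = (src, sport), (dst, dport)
        key = frozenset((a, b))  # same key for both directions of a flow
        f = flows.setdefault(
            key, {"init": a, "resp": b, "fwd": 0, "rev": 0, "acked": False})
        if a == f["init"]:
            f["fwd"] += 1
            # An ACK without SYN means the initiator saw the peer's SYN-ACK.
            f["acked"] |= "A" in flags and "S" not in flags
        else:
            f["rev"] += 1
    return [(f["init"], f["resp"], f["fwd"])
            for f in flows.values() if f["rev"] == 0 and f["acked"]]


if __name__ == "__main__":
    for init, resp, count in asymmetric_flows(CAPTURE):
        print(f"{init} -> {resp}: {count} packets out, no replies seen")
```
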
-
That being said, the firewall IS inspecting the traffic and IS making a state entry for it.
Well, but as there's a rule on the LHS and RHS that states that this traffic is allowed, state entries should not matter for the direction client –> server. As the firewall rule explicitly allows that traffic anyway.
Otherwise a protocol like RDP would not work either, would it? And I would see blocked traffic, but I don't see blocked traffic at all, only allowed traffic...
-
That being said, the firewall IS inspecting the traffic and IS making a state entry for it.
Well, but as there's a rule on the LHS and RHS that states that this traffic is allowed, state entries should not matter for the direction client –> server. As the firewall rule explicitly allows that traffic anyway.
Otherwise a protocol like RDP would not work either, would it? And I would see blocked traffic, but I don't see blocked traffic at all, only allowed traffic...
Your observations make sense, but the behavior seen in capture seems to suggest that some sort of stateful inspection is taking place.
Did you have a chance to look at the logs to see if anything popped up?
-
Well, yes. I first checked that IP redirects are sent, both firewalls would do that.
I made sure that the logs are all active, that looks ok. I still see no blocked traffic though, very strange. I will activate the layer 3 switch in about 1.4 hours on the LAN, and hopefully this will resolve all of that. Although it would've been interesting to know what the issue is,…