In addition to our Sophos XG which is the default gateway (.254) we've got a router provided by one of our vendors on the network for their traffic only (.253).
We've created a static route to forward all traffic for their sites and applications back out the LAN interface to their router and there is a firewall rule allowing traffic originating from the LAN zone and destined for their network range in any zone.
They have several webservers and although I can access one of them the other is inaccessible. I can PING and tracert the IP successfully but cannot open the web page.
The firewall log keeps listing "Invalid Traffic" and Invalid TCP State".
This thread was automatically locked due to age.