This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN / no internet Access after 15 Min

XG firmware: SFOS 19.0.1 MR-1-Build365

Hello,
Internet access in the SSL VPN full tunnel breaks off after about 15 minutes during use. Only the firewall management page can be accessed. Internal servers or IPs cannot be reached!

Nothing can be seen in the log (firewall, web protection)!

So the tunnel is not separated, only the Internet access is terminated after 15 minutes without logging anything!

The whole thing was tested with Android 12, 13, OPENVPN version 2.5.036 and Sophos Connect version 2.2.75.0506!

can you please suggest what i could try to fix the problem?

Many Thanks

Certificate

This thread was automatically locked due to age.

Top Replies

LHerzog over 1 year ago in reply to Bilos David +1 suggested

I suspect that clients that are in a network with a fritzbox on their (remote) side will run into trouble with that configuration. anyway: what is the tun1 interface for? The DHCP Server on XG is configured…

0 Vishal_R over 1 year ago

Hi Bilos David Is there any abnormal observation in CLI Packet captures and Drop packets for the resources IP which are not accessible after 15 min..!?? (As till 15 min it works fine for you you may compare working and non-working captures and drop to see the possible difference in both situations).

Regards,

Vishal Ranpariya
Technical Account Manager | Sophos Technical Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link.
Cancel
Vote Up 0 Vote Down

Cancel
0 LHerzog over 1 year ago in reply to Vishal_R

Connect Client is installed on Windows OS?

What is that BD-IPv4-Netzwerk network definition? Please show that IP Host from XG.

That is FritzBox network:

Sure, you want to use 192.168.178.0 here as DHCP range? I would'nt. Use the default IP Range for SSL VPN on XG.

.

15 minutes sounds to me like something cached on the Client OS being flushed. Like DNS cache.

Are those DNS servers you propagate by DHCP reachable from the VPN client? Is 172.16.0.5 the SSL VPN IP of the XG?

I would point the DNS server in SSL VPN against the XG and let it do name resolution.

I think the client cannot reach it's DNS server and so after 15 minutes, it can only communicate by IP, not DNS.

So you tunnel everything when connected. Is it possible you test that:

remove "use as gateway"

add a specific network or server only from your internal network.

then re-connect SSL VPN.

Is the specific network or server still reachable?
Cancel
Vote Up 0 Vote Down

Cancel

0 Bilos David over 1 year ago in reply to Vishal_R

Hello,
thanks for the fast respond!

Enclosed you will find the generating logs!

Fullscreen Drppkt_if_work.txt Download

1472, length 192
16:56:58.685747 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87768784, win 2539, length 0
16:56:58.685750 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88204208:88204624, ack 29361, win                                                                                                                         1472, length 416
16:56:58.685770 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88204624:88204928, ack 29361, win                                                                                                                         1472, length 304
16:56:58.685781 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87769296, win 2537, length 0
16:56:58.685793 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88204928:88205120, ack 29361, win                                                                                                                         1472, length 192
16:56:58.685814 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88205120:88205424, ack 29361, win                                                                                                                         1472, length 304
16:56:58.685822 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87769776, win 2535, length 0
16:56:58.685833 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88205424:88205616, ack 29361, win                                                                                                                         1472, length 192
16:56:58.685854 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88205616:88205920, ack 29361, win                                                                                                                         1472, length 304
16:56:58.685857 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87770400, win 2533, length 0
16:56:58.685873 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88205920:88206112, ack 29361, win                                                                                                                         1472, length 192
16:56:58.685892 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87770896, win 2531, length 0
16:56:58.685893 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88206112:88206288, ack 29361, win                                                                                                                         1472, length 176
16:56:58.685913 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88206288:88206608, ack 29361, win                                                                                                                         1472, length 320
16:56:58.685926 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87771392, win 2529, length 0
16:56:58.685933 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88206608:88206784, ack 29361, win                                                                                                                         1472, length 176
16:56:58.685954 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88206784:88206976, ack 29361, win                                                                                                                         1472, length 192
16:56:58.685957 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87771872, win 2527, length 0
16:56:58.685975 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88206976:88207280, ack 29361, win                                                                                                                         1472, length 304
16:56:58.685991 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87772368, win 2525, length 0
16:56:58.685995 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88207280:88207472, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686016 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88207472:88207648, ack 29361, win                                                                                                                         1472, length 176
16:56:58.686023 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87772864, win 2523, length 0
16:56:58.686037 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88207648:88207968, ack 29361, win                                                                                                                         1472, length 320
16:56:58.686056 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87773472, win 2521, length 0
16:56:58.686076 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88207968:88208144, ack 29361, win                                                                                                                         1472, length 176
16:56:58.686090 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87773984, win 2519, length 0
16:56:58.686123 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87774496, win 2517, length 0
16:56:58.686139 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88208144:88208576, ack 29361, win                                                                                                                         1472, length 432
16:56:58.686157 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87774880, win 2515, length 0
16:56:58.686164 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88208576:88209264, ack 29361, win                                                                                                                         1472, length 688
16:56:58.686186 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88209264:88209536, ack 29361, win                                                                                                                         1472, length 272
16:56:58.686188 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87775264, win 2514, length 0
16:56:58.686205 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88209536:88209728, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686222 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87775824, win 2512, length 0
16:56:58.686226 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88209728:88210032, ack 29361, win                                                                                                                         1472, length 304
16:56:58.686247 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88210032:88210224, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686253 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87776192, win 2510, length 0
16:56:58.686267 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88210224:88210400, ack 29361, win                                                                                                                         1472, length 176
16:56:58.686288 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88210400:88210704, ack 29361, win                                                                                                                         1472, length 304
16:56:58.686293 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87776688, win 2508, length 0
16:56:58.686307 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88210704:88210896, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686328 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88210896:88211200, ack 29361, win                                                                                                                         1472, length 304
16:56:58.686348 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88211200:88211392, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686368 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88211392:88211584, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686388 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88211584:88211888, ack 29361, win                                                                                                                         1472, length 304
16:56:58.686408 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88211888:88212080, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686427 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88212080:88212272, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686462 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88212272:88212592, ack 29361, win                                                                                                                         1472, length 320
16:56:58.686489 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88212592:88212912, ack 29361, win                                                                                                                         1472, length 320
16:56:58.686538 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88212912:88213104, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686565 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88213104:88213296, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686594 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88213296:88213488, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686624 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88213488:88213680, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686675 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88213680:88213872, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686695 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88213872:88214064, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686728 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88214064:88214256, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686753 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88214256:88214448, ack 29361, win                                                                                                                         1472, length 192
16:56:58.686785 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88214448:88214640, ack 29361, win                                                                                                                         1472, length 192
16:56:58.687995 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87777184, win 2506, length 0
16:56:58.688045 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87777680, win 2504, length 0
16:56:58.688055 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88214640:88214960, ack 29361, win                                                                                                                         1472, length 320
16:56:58.688084 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87778176, win 2502, length 0
16:56:58.688097 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88214960:88215136, ack 29361, win                                                                                                                         1472, length 176
16:56:58.688120 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87778784, win 2500, length 0
16:56:58.688136 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88215136:88215312, ack 29361, win                                                                                                                         1472, length 176
16:56:58.688161 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87779280, win 2498, length 0
16:56:58.688171 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88215312:88215744, ack 29361, win                                                                                                                         1472, length 432
16:56:58.688193 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88215744:88215920, ack 29361, win                                                                                                                         1472, length 176
16:56:58.688194 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87779776, win 2496, length 0
16:56:58.688214 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88215920:88216224, ack 29361, win                                                                                                                         1472, length 304
16:56:58.688228 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87780272, win 2494, length 0
16:56:58.688233 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88216224:88216416, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688256 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88216416:88216720, ack 29361, win                                                                                                                         1472, length 304
16:56:58.688260 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87780752, win 2492, length 0
16:56:58.688276 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88216720:88216912, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688293 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87781376, win 2490, length 0
16:56:58.688310 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88216912:88217216, ack 29361, win                                                                                                                         1472, length 304
16:56:58.688327 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87781872, win 2488, length 0
16:56:58.688332 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88217216:88217520, ack 29361, win                                                                                                                         1472, length 304
16:56:58.688354 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88217520:88217712, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688358 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87782736, win 2485, length 0
16:56:58.688375 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88217712:88218016, ack 29361, win                                                                                                                         1472, length 304
16:56:58.688392 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87783216, win 2483, length 0
16:56:58.688395 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88218016:88218192, ack 29361, win                                                                                                                         1472, length 176
16:56:58.688415 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88218192:88218512, ack 29361, win                                                                                                                         1472, length 320
16:56:58.688426 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87783712, win 2481, length 0
16:56:58.688435 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88218512:88218688, ack 29361, win                                                                                                                         1472, length 176
16:56:58.688454 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88218688:88218880, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688460 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87784208, win 2479, length 0
16:56:58.688476 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88218880:88219184, ack 29361, win                                                                                                                         1472, length 304
16:56:58.688494 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87784704, win 2477, length 0
16:56:58.688495 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88219184:88219376, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688515 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88219376:88219552, ack 29361, win                                                                                                                         1472, length 176
16:56:58.688527 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87785200, win 2475, length 0
16:56:58.688536 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88219552:88219872, ack 29361, win                                                                                                                         1472, length 320
16:56:58.688556 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88219872:88220048, ack 29361, win                                                                                                                         1472, length 176
16:56:58.688560 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87785696, win 2473, length 0
16:56:58.688575 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88220048:88220240, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688595 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88220240:88220544, ack 29361, win                                                                                                                         1472, length 304
16:56:58.688601 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87786352, win 2471, length 0
16:56:58.688630 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88220544:88220736, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688636 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87786736, win 2469, length 0
16:56:58.688651 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88220736:88221040, ack 29361, win                                                                                                                         1472, length 304
16:56:58.688670 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87787248, win 2467, length 0
16:56:58.688672 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88221040:88221344, ack 29361, win                                                                                                                         1472, length 304
16:56:58.688691 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88221344:88221536, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688703 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87787632, win 2466, length 0
16:56:58.688715 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88221536:88221840, ack 29361, win                                                                                                                         1472, length 304
16:56:58.688735 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88221840:88222032, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688736 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87788000, win 2464, length 0
16:56:58.688755 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88222032:88222208, ack 29361, win                                                                                                                         1472, length 176
16:56:58.688776 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88222208:88222512, ack 29361, win                                                                                                                         1472, length 304
16:56:58.688776 tun0, IN: IP 192.168.178.2.53532 > 54.194.250.225.443: Flags [P.], seq 54847:55156, ack 9802, win 513                                                                                                                        , length 309
16:56:58.688795 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88222512:88222704, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688815 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88222704:88222896, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688835 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88222896:88223200, ack 29361, win                                                                                                                         1472, length 304
16:56:58.688854 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88223200:88223392, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688874 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88223392:88223568, ack 29361, win                                                                                                                         1472, length 176
16:56:58.688893 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88223568:88223760, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688922 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88223760:88223952, ack 29361, win                                                                                                                         1472, length 192
16:56:58.688943 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88223952:88224272, ack 29361, win                                                                                                                         1472, length 320
16:56:58.689035 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88224336:88224656, ack 29361, win                                                                                                                         1472, length 320
16:56:58.689055 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88224656:88224848, ack 29361, win                                                                                                                         1472, length 192
16:56:58.689076 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88224848:88225168, ack 29361, win                                                                                                                         1472, length 320
16:56:58.689099 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88225168:88225360, ack 29361, win                                                                                                                         1472, length 192
16:56:58.690281 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87788720, win 2461, length 0
16:56:58.690340 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87789440, win 2458, length 0
16:56:58.690349 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88225360:88226256, ack 29361, win                                                                                                                         1472, length 896
16:56:58.690379 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88226256:88226432, ack 29361, win                                                                                                                         1472, length 176
16:56:58.690380 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87789808, win 2457, length 0
16:56:58.690409 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88226432:88226608, ack 29361, win                                                                                                                         1472, length 176
16:56:58.690414 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87790304, win 2455, length 0
16:56:58.690428 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88226608:88226800, ack 29361, win                                                                                                                         1472, length 192
16:56:58.690448 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87790800, win 2453, length 0
16:56:58.690449 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88226800:88226992, ack 29361, win                                                                                                                         1472, length 192
16:56:58.690471 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88226992:88227296, ack 29361, win                                                                                                                         1472, length 304
16:56:58.690482 tun0, IN: IP 192.168.178.2.53532 > 54.194.250.225.443: Flags [P.], seq 55156:55445, ack 9802, win 513                                                                                                                        , length 289
16:56:58.690488 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88227296:88227472, ack 29361, win                                                                                                                         1472, length 176
16:56:58.690518 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88227472:88227664, ack 29361, win                                                                                                                         1472, length 192
16:56:58.690524 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87791424, win 2451, length 0
16:56:58.690538 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88227664:88227840, ack 29361, win                                                                                                                         1472, length 176
16:56:58.690557 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88227840:88228032, ack 29361, win                                                                                                                         1472, length 192
16:56:58.690559 tun0, IN: IP 192.168.178.2.53532 > 54.194.250.225.443: Flags [P.], seq 55445:55741, ack 9802, win 513                                                                                                                        , length 296
16:56:58.690577 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88228032:88228352, ack 29361, win                                                                                                                         1472, length 320
16:56:58.690597 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88228352:88228544, ack 29361, win                                                                                                                         1472, length 192
16:56:58.690610 tun0, IN: IP 192.168.178.2.53532 > 54.194.250.225.443: Flags [P.], seq 55741:56066, ack 9802, win 513                                                                                                                        , length 325
16:56:58.690650 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87791792, win 2449, length 0
16:56:58.690672 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88228544:88229424, ack 29361, win                                                                                                                         1472, length 880
16:56:58.690691 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87792400, win 2447, length 0
16:56:58.690752 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88229424:88230240, ack 29361, win                                                                                                                         1472, length 816
16:56:58.690778 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88230240:88230416, ack 29361, win                                                                                                                         1472, length 176
16:56:58.691276 tun0, IN: IP 192.168.178.2.53526 > 151.101.65.16.443: Flags [P.], seq 37262:37342, ack 2043659, win 1                                                                                                                        025, length 80
16:56:58.691333 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87793024, win 2444, length 0
16:56:58.691364 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88230416:88230992, ack 29361, win                                                                                                                         1472, length 576
16:56:58.691378 tun0, IN: IP 192.168.178.2.53526 > 151.101.65.16.443: Flags [P.], seq 37342:37422, ack 2043659, win 1                                                                                                                        025, length 80
16:56:58.691397 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88230992:88231168, ack 29361, win                                                                                                                         1472, length 176
16:56:58.691419 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87793488, win 2443, length 0
16:56:58.691442 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88231168:88231744, ack 29361, win                                                                                                                         1472, length 576
16:56:58.691479 tun0, IN: IP 192.168.178.2.53526 > 151.101.65.16.443: Flags [P.], seq 37422:37502, ack 2043659, win 1                                                                                                                        025, length 80
16:56:58.691483 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88231744:88231920, ack 29361, win                                                                                                                         1472, length 176
16:56:58.691533 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87793984, win 2441, length 0
16:56:58.691565 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88231920:88232432, ack 29361, win                                                                                                                         1472, length 512
16:56:58.691580 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87794480, win 2439, length 0
16:56:58.691613 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88232432:88232608, ack 29361, win                                                                                                                         1472, length 176
16:56:58.691614 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87794976, win 2437, length 0
16:56:58.691640 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88232608:88232800, ack 29361, win                                                                                                                         1472, length 192
16:56:58.691652 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87795472, win 2435, length 0
16:56:58.691661 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88232800:88232976, ack 29361, win                                                                                                                         1472, length 176
16:56:58.691680 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88232976:88233168, ack 29361, win                                                                                                                         1472, length 192
16:56:58.691685 tun0, IN: IP 192.168.178.2.53526 > 151.101.65.16.443: Flags [P.], seq 37502:37582, ack 2043659, win 1                                                                                                                        025, length 80
16:56:58.691701 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88233168:88233472, ack 29361, win                                                                                                                         1472, length 304
16:56:58.691720 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88233472:88233648, ack 29361, win                                                                                                                         1472, length 176
16:56:58.691736 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87796080, win 2433, length 0
16:56:58.691739 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88233648:88233840, ack 29361, win                                                                                                                         1472, length 192
16:56:58.691758 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88233840:88234032, ack 29361, win                                                                                                                         1472, length 192
16:56:58.691771 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87796576, win 2431, length 0
16:56:58.691780 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88234032:88234352, ack 29361, win                                                                                                                         1472, length 320
16:56:58.691799 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88234352:88234544, ack 29361, win                                                                                                                         1472, length 192
16:56:58.691804 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87796944, win 2429, length 0
16:56:58.691835 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88234544:88234848, ack 29361, win                                                                                                                         1472, length 304
16:56:58.691838 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87797456, win 2427, length 0
16:56:58.691856 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88234848:88235152, ack 29361, win                                                                                                                         1472, length 304
16:56:58.691871 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87797840, win 2426, length 0
16:56:58.691875 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88235152:88235344, ack 29361, win                                                                                                                         1472, length 192
16:56:58.691895 tun0, OUT: IP 172.16.0.1.22 > 192.168.178.2.59438: Flags [P.], seq 88235344:88235600, ack 29361, win                                                                                                                         1472, length 256
16:56:58.691902 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87798224, win 2424, length 0
16:56:58.691936 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87798608, win 2423, length 0
16:56:58.691971 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87798992, win 2421, length 0
16:56:58.692004 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87799376, win 2420, length 0
16:56:58.692051 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87800128, win 2417, length 0
16:56:58.692762 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87800496, win 2415, length 0
16:56:58.692806 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87800992, win 2413, length 0
16:56:58.692847 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87801600, win 2411, length 0
16:56:58.692888 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87802096, win 2409, length 0
16:56:58.692939 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87802592, win 2407, length 0
16:56:58.692980 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87802976, win 2406, length 0
16:56:58.693033 tun0, IN: IP 192.168.178.2.53526 > 151.101.65.16.443: Flags [P.], seq 37582:37663, ack 2043659, win 1                                                                                                                        025, length 81
16:56:58.693089 tun0, IN: IP 192.168.178.2.53526 > 151.101.65.16.443: Flags [P.], seq 37663:37743, ack 2043659, win 1                                                                                                                        025, length 80
16:56:58.693134 tun0, IN: IP 192.168.178.2.53526 > 151.101.65.16.443: Flags [P.], seq 37743:37823, ack 2043659, win 1                                                                                                                        025, length 80
16:56:58.693187 tun0, IN: IP 192.168.178.2.53526 > 151.101.65.16.443: Flags [P.], seq 37823:37902, ack 2043659, win 1                                                                                                                        025, length 79
16:56:58.693232 tun0, IN: IP 192.168.178.2.53526 > 151.101.65.16.443: Flags [P.], seq 37902:37982, ack 2043659, win 1                                                                                                                        025, length 80
16:56:58.693286 tun0, IN: IP 192.168.178.2.53526 > 151.101.65.16.443: Flags [P.], seq 37982:38063, ack 2043659, win 1                                                                                                                        025, length 81
16:56:58.693331 tun0, IN: IP 192.168.178.2.53532 > 54.194.250.225.443: Flags [.], ack 10008, win 512, length 0
16:56:58.693384 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87804416, win 2400, length 0
16:56:58.693426 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87804784, win 2399, length 0
16:56:58.693476 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87805152, win 2397, length 0
16:56:58.693518 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87805648, win 2395, length 0
16:56:58.693564 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87806384, win 2392, length 0
16:56:58.693612 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87806752, win 2391, length 0
16:56:58.693652 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87807248, win 2389, length 0
16:56:58.693695 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87807632, win 2387, length 0
16:56:58.693735 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87808112, win 2386, length 0
16:56:58.693775 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87808608, win 2384, length 0
16:56:58.693816 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87808976, win 2382, length 0
16:56:58.693856 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87809472, win 2380, length 0
16:56:58.693897 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87809968, win 2378, length 0
16:56:58.693937 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87810336, win 2377, length 0
16:56:58.693977 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87810832, win 2375, length 0
16:56:58.694018 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87811328, win 2373, length 0
16:56:58.694057 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87811696, win 2372, length 0
16:56:58.694098 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87812192, win 2370, length 0
16:56:58.694144 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87812688, win 2368, length 0
16:56:58.694187 tun0, IN: IP 192.168.178.2.53532 > 54.194.250.225.443: Flags [P.], seq 56066:56362, ack 10008, win 51                                                                                                                        2, length 296
16:56:58.694232 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87813072, win 2366, length 0
16:56:58.694273 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87813552, win 2364, length 0
16:56:58.694313 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87814048, win 2362, length 0
16:56:58.694354 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87814432, win 2361, length 0
16:56:58.694441 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87814800, win 2359, length 0
16:56:58.694490 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87815296, win 2357, length 0
16:56:58.694531 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87815792, win 2356, length 0
16:56:58.694571 tun0, IN: IP 192.168.178.2.59438 > 172.16.0.1.22: Flags [.], ack 87816160, win 2354, length 0
16:56:58.698804 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], ack 37342, win 284, length 0
16:56:58.698813 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], ack 37422, win 284, length 0
16:56:58.698815 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], ack 37502, win 284, length 0
16:56:58.698816 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], ack 37582, win 284, length 0
16:56:58.700289 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], seq 2043659:2044615, ack 37582, win                                                                                                                         284, length 956
16:56:58.700548 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [P.], seq 2044615:2045571, ack 37582, wi                                                                                                                        n 284, length 956
16:56:58.701089 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], seq 2045571:2046527, ack 37582, win                                                                                                                         284, length 956
16:56:58.701204 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [P.], seq 2046527:2047483, ack 37582, wi                                                                                                                        n 284, length 956
16:56:58.702592 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], seq 2047483:2048439, ack 37582, win                                                                                                                         284, length 956
16:56:58.702848 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [P.], seq 2048439:2049395, ack 37582, wi                                                                                                                        n 284, length 956
16:56:58.704092 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], ack 37663, win 284, length 0
16:56:58.704100 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], ack 37743, win 284, length 0
16:56:58.704102 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], ack 37823, win 284, length 0
16:56:58.704103 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], ack 37902, win 284, length 0
16:56:58.704105 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], ack 37982, win 284, length 0
16:56:58.704106 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], ack 38063, win 284, length 0
16:56:58.704107 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [.], seq 2049395:2050351, ack 38063, win                                                                                                                         284, length 956
16:56:58.704296 tun0, OUT: IP 151.101.65.16.443 > 192.168.178.2.53526: Flags [P.], seq 2050351:20513^C

tcpdump_if_not_work.txt

Fullscreen IFConfig_Tunnel.txt Download

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:192.168.178.1  P-t-P:192.168.178.1  Mask:255.255.255.128
          inet6 addr: fe80::6c6b:3787:a604:6aa6/64 Scope:Link
          inet6 addr: 2001:db8::/65 Scope:Global
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:4939914 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9374683 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:203006738 (193.6 MiB)  TX bytes:2774065055 (2.5 GiB)

tun1      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:192.168.178.129  P-t-P:192.168.178.129  Mask:255.255.255.128
          inet6 addr: 2001:db8:0:0:8000::/65 Scope:Global
          inet6 addr: fe80::d2b7:3a0b:4085:f2b2/64 Scope:Link
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:243488 errors:0 dropped:0 overruns:0 frame:0
          TX packets:420789 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:21515702 (20.5 MiB)  TX bytes:204652569 (195.1 MiB)

Drppkt_if_not_work.txt

Fullscreen Drppkt_if_it_works.txt Download

SFVH_VM01_SFOS 19.0.1 MR-1-Build365# drppkt
2022-12-07 16:59:20 010202130 IP 172.16.0.154.32838 > 142.250.185.104.443 : proto TCP: F 3170364895:3170364926(31) win 1388 checksum : 12258
0x0000:  4500 0053 67a0 4000 4006 ddf7 ac10 009a  E..Sg.@.@.......
0x0010:  8efa b968 8046 01bb bcf7 eddf 0748 4418  ...h.F.......HD.
0x0020:  8019 056c 2fe2 0000 0101 080a 000e 0f64  ...l/..........d
0x0030:  c3a9 3f64 1503 0300 1a00 0000 0000 0000  ..?d............
0x0040:  029e 7c93 7e50 f2de 1460 0026 cb60 c723  ..|.~P...`.&.`.#
0x0050:  4e11 aa                                  N..
Date=2022-12-07 Time=16:59:20 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=172.16.0.154 dest_ip=142.250.185.104 l4_protocol=TCP source_port=32838 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:20 010202130 IP 192.168.178.2.53539 > 52.94.222.127.443 : proto TCP:  2188309291:2188309292(1) ack 4072709168 win 515 checksum : 20701
0x0000:  4500 0029 e2c2 4000 8006 9283 c0a8 b202  E..)..@.........
0x0010:  345e de7f d123 01bb 826e f32b f2c0 9c30  4^...#...n.+...0
0x0020:  5010 0203 50dd 0000 00                   P...P....
Date=2022-12-07 Time=16:59:20 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.94.222.127 l4_protocol=TCP source_port=53539 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:20 010202130 IP 192.168.178.2.53545 > 176.32.110.78.443 : proto TCP:  3308048838:3308048839(1) ack 564074378 win 513 checksum : 31159
0x0000:  4500 0029 ce70 4000 8006 9b44 c0a8 b202  E..).p@....D....
0x0010:  b020 6e4e d129 01bb c52c d1c6 219f 178a  ..nN.)...,..!...
0x0020:  5010 0201 79b7 0000 00                   P...y....
Date=2022-12-07 Time=16:59:20 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=176.32.110.78 l4_protocol=TCP source_port=53545 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:20 010202130 IP 192.168.178.2.53547 > 52.95.118.208.443 : proto TCP:  136605149:136605150(1) ack 119040841 win 515 checksum : 54444
0x0000:  4500 0029 03a2 4000 8006 d952 c0a8 b202  E..)..@....R....
0x0010:  345f 76d0 d12b 01bb 0824 6ddd 0718 6b49  4_v..+...$m...kI
0x0020:  5010 0203 d4ac 0000 00                   P........
Date=2022-12-07 Time=16:59:20 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.95.118.208 l4_protocol=TCP source_port=53547 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:21 010202130 IP 192.168.178.2.53550 > 67.220.228.97.443 : proto TCP:  3077122297:3077122298(1) ack 2818591503 win 515 checksum : 27787
0x0000:  4500 0029 2430 4000 8006 3bb6 c0a8 b202  E..)$0@...;.....
0x0010:  43dc e461 d12e 01bb b769 28f9 a800 4b0f  C..a.....i(...K.
0x0020:  5010 0203 6c8b 0000 00                   P...l....
Date=2022-12-07 Time=16:59:21 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=67.220.228.97 l4_protocol=TCP source_port=53550 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:28 010202130 IP 192.168.178.2.53545 > 176.32.110.78.443 : proto TCP: F 3308048839:3308048839(0) win 513 checksum : 31158
0x0000:  4500 0028 ce71 4000 8006 9b44 c0a8 b202  E..(.q@....D....
0x0010:  b020 6e4e d129 01bb c52c d1c7 219f 178a  ..nN.)...,..!...
0x0020:  5011 0201 79b6 0000                      P...y...
Date=2022-12-07 Time=16:59:28 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=176.32.110.78 l4_protocol=TCP source_port=53545 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:28 010202130 IP 192.168.178.2.53539 > 52.94.222.127.443 : proto TCP: F 2188309292:2188309292(0) win 515 checksum : 20700
0x0000:  4500 0028 e2c3 4000 8006 9283 c0a8 b202  E..(..@.........
0x0010:  345e de7f d123 01bb 826e f32c f2c0 9c30  4^...#...n.,...0
0x0020:  5011 0203 50dc 0000                      P...P...
Date=2022-12-07 Time=16:59:28 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.94.222.127 l4_protocol=TCP source_port=53539 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:28 010202130 IP 192.168.178.2.53547 > 52.95.118.208.443 : proto TCP: F 136605150:136605150(0) win 515 checksum : 54443
0x0000:  4500 0028 03a3 4000 8006 d952 c0a8 b202  E..(..@....R....
0x0010:  345f 76d0 d12b 01bb 0824 6dde 0718 6b49  4_v..+...$m...kI
0x0020:  5011 0203 d4ab 0000                      P.......
Date=2022-12-07 Time=16:59:28 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.95.118.208 l4_protocol=TCP source_port=53547 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:28 010202130 IP 192.168.178.2.53550 > 67.220.228.97.443 : proto TCP: F 3077122298:3077122298(0) win 515 checksum : 27786
0x0000:  4500 0028 2431 4000 8006 3bb6 c0a8 b202  E..($1@...;.....
0x0010:  43dc e461 d12e 01bb b769 28fa a800 4b0f  C..a.....i(...K.
0x0020:  5011 0203 6c8a 0000                      P...l...
Date=2022-12-07 Time=16:59:28 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=67.220.228.97 l4_protocol=TCP source_port=53550 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:28 010202130 IP 192.168.178.2.53547 > 52.95.118.208.443 : proto TCP: F 136605150:136605150(0) win 515 checksum : 54443
0x0000:  4500 0028 03a4 4000 8006 d951 c0a8 b202  E..(..@....Q....
0x0010:  345f 76d0 d12b 01bb 0824 6dde 0718 6b49  4_v..+...$m...kI
0x0020:  5011 0203 d4ab 0000                      P.......
Date=2022-12-07 Time=16:59:28 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.95.118.208 l4_protocol=TCP source_port=53547 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:28 010202130 IP 192.168.178.2.53550 > 67.220.228.97.443 : proto TCP: F 3077122298:3077122298(0) win 515 checksum : 27786
0x0000:  4500 0028 2432 4000 8006 3bb5 c0a8 b202  E..($2@...;.....
0x0010:  43dc e461 d12e 01bb b769 28fa a800 4b0f  C..a.....i(...K.
0x0020:  5011 0203 6c8a 0000                      P...l...
Date=2022-12-07 Time=16:59:28 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=67.220.228.97 l4_protocol=TCP source_port=53550 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:29 010202130 IP 192.168.178.2.53539 > 52.94.222.127.443 : proto TCP: F 2188309292:2188309292(0) win 515 checksum : 20700
0x0000:  4500 0028 e2c4 4000 8006 9282 c0a8 b202  E..(..@.........
0x0010:  345e de7f d123 01bb 826e f32c f2c0 9c30  4^...#...n.,...0
0x0020:  5011 0203 50dc 0000                      P...P...
Date=2022-12-07 Time=16:59:29 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.94.222.127 l4_protocol=TCP source_port=53539 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:29 010202130 IP 192.168.178.2.53545 > 176.32.110.78.443 : proto TCP: F 3308048839:3308048839(0) win 513 checksum : 31158
0x0000:  4500 0028 ce72 4000 8006 9b43 c0a8 b202  E..(.r@....C....
0x0010:  b020 6e4e d129 01bb c52c d1c7 219f 178a  ..nN.)...,..!...
0x0020:  5011 0201 79b6 0000                      P...y...
Date=2022-12-07 Time=16:59:29 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=176.32.110.78 l4_protocol=TCP source_port=53545 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:29 010202130 IP 192.168.178.2.53547 > 52.95.118.208.443 : proto TCP: F 136605150:136605150(0) win 515 checksum : 54443
0x0000:  4500 0028 03a5 4000 8006 d950 c0a8 b202  E..(..@....P....
0x0010:  345f 76d0 d12b 01bb 0824 6dde 0718 6b49  4_v..+...$m...kI
0x0020:  5011 0203 d4ab 0000                      P.......
Date=2022-12-07 Time=16:59:29 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.95.118.208 l4_protocol=TCP source_port=53547 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:29 010202130 IP 192.168.178.2.53550 > 67.220.228.97.443 : proto TCP: F 3077122298:3077122298(0) win 515 checksum : 27786
0x0000:  4500 0028 2433 4000 8006 3bb4 c0a8 b202  E..($3@...;.....
0x0010:  43dc e461 d12e 01bb b769 28fa a800 4b0f  C..a.....i(...K.
0x0020:  5011 0203 6c8a 0000                      P...l...
Date=2022-12-07 Time=16:59:29 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=67.220.228.97 l4_protocol=TCP source_port=53550 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:29 010202130 IP 192.168.178.2.53539 > 52.94.222.127.443 : proto TCP: F 2188309292:2188309292(0) win 515 checksum : 20700
0x0000:  4500 0028 e2c5 4000 8006 9281 c0a8 b202  E..(..@.........
0x0010:  345e de7f d123 01bb 826e f32c f2c0 9c30  4^...#...n.,...0
0x0020:  5011 0203 50dc 0000                      P...P...
Date=2022-12-07 Time=16:59:29 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.94.222.127 l4_protocol=TCP source_port=53539 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:30 010202130 IP 192.168.178.2.53545 > 176.32.110.78.443 : proto TCP: F 3308048839:3308048839(0) win 513 checksum : 31158
0x0000:  4500 0028 ce73 4000 8006 9b42 c0a8 b202  E..(.s@....B....
0x0010:  b020 6e4e d129 01bb c52c d1c7 219f 178a  ..nN.)...,..!...
0x0020:  5011 0201 79b6 0000                      P...y...
Date=2022-12-07 Time=16:59:30 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=176.32.110.78 l4_protocol=TCP source_port=53545 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:30 010202130 IP 192.168.178.2.53547 > 52.95.118.208.443 : proto TCP: F 136605150:136605150(0) win 515 checksum : 54443
0x0000:  4500 0028 03a6 4000 8006 d94f c0a8 b202  E..(..@....O....
0x0010:  345f 76d0 d12b 01bb 0824 6dde 0718 6b49  4_v..+...$m...kI
0x0020:  5011 0203 d4ab 0000                      P.......
Date=2022-12-07 Time=16:59:30 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.95.118.208 l4_protocol=TCP source_port=53547 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:31 010202130 IP 192.168.178.2.53550 > 67.220.228.97.443 : proto TCP: F 3077122298:3077122298(0) win 515 checksum : 27786
0x0000:  4500 0028 2434 4000 8006 3bb3 c0a8 b202  E..($4@...;.....
0x0010:  43dc e461 d12e 01bb b769 28fa a800 4b0f  C..a.....i(...K.
0x0020:  5011 0203 6c8a 0000                      P...l...
Date=2022-12-07 Time=16:59:31 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=67.220.228.97 l4_protocol=TCP source_port=53550 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:31 010202130 IP 192.168.178.2.53539 > 52.94.222.127.443 : proto TCP: F 2188309292:2188309292(0) win 515 checksum : 20700
0x0000:  4500 0028 e2c6 4000 8006 9280 c0a8 b202  E..(..@.........
0x0010:  345e de7f d123 01bb 826e f32c f2c0 9c30  4^...#...n.,...0
0x0020:  5011 0203 50dc 0000                      P...P...
Date=2022-12-07 Time=16:59:31 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.94.222.127 l4_protocol=TCP source_port=53539 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:31 010202130 IP 192.168.178.2.53545 > 176.32.110.78.443 : proto TCP: F 3308048839:3308048839(0) win 513 checksum : 31158
0x0000:  4500 0028 ce74 4000 8006 9b41 c0a8 b202  E..(.t@....A....
0x0010:  b020 6e4e d129 01bb c52c d1c7 219f 178a  ..nN.)...,..!...
0x0020:  5011 0201 79b6 0000                      P...y...
Date=2022-12-07 Time=16:59:31 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=176.32.110.78 l4_protocol=TCP source_port=53545 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:33 010202130 IP 192.168.178.2.53547 > 52.95.118.208.443 : proto TCP: F 136605150:136605150(0) win 515 checksum : 54443
0x0000:  4500 0028 03a7 4000 8006 d94e c0a8 b202  E..(..@....N....
0x0010:  345f 76d0 d12b 01bb 0824 6dde 0718 6b49  4_v..+...$m...kI
0x0020:  5011 0203 d4ab 0000                      P.......
Date=2022-12-07 Time=16:59:33 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.95.118.208 l4_protocol=TCP source_port=53547 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:34 010202130 IP 192.168.178.2.53550 > 67.220.228.97.443 : proto TCP: F 3077122298:3077122298(0) win 515 checksum : 27786
0x0000:  4500 0028 2435 4000 8006 3bb2 c0a8 b202  E..($5@...;.....
0x0010:  43dc e461 d12e 01bb b769 28fa a800 4b0f  C..a.....i(...K.
0x0020:  5011 0203 6c8a 0000                      P...l...
Date=2022-12-07 Time=16:59:34 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=67.220.228.97 l4_protocol=TCP source_port=53550 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:35 010202130 IP 192.168.178.2.53539 > 52.94.222.127.443 : proto TCP: F 2188309292:2188309292(0) win 515 checksum : 20700
0x0000:  4500 0028 e2c7 4000 8006 927f c0a8 b202  E..(..@.........
0x0010:  345e de7f d123 01bb 826e f32c f2c0 9c30  4^...#...n.,...0
0x0020:  5011 0203 50dc 0000                      P...P...
Date=2022-12-07 Time=16:59:35 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.94.222.127 l4_protocol=TCP source_port=53539 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:35 010202130 IP 192.168.178.2.53545 > 176.32.110.78.443 : proto TCP: F 3308048839:3308048839(0) win 513 checksum : 31158
0x0000:  4500 0028 ce75 4000 8006 9b40 c0a8 b202  E..(.u@....@....
0x0010:  b020 6e4e d129 01bb c52c d1c7 219f 178a  ..nN.)...,..!...
0x0020:  5011 0201 79b6 0000                      P...y...
Date=2022-12-07 Time=16:59:35 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=176.32.110.78 l4_protocol=TCP source_port=53545 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:37 0103021 IP 89.248.165.59.53799 > 91.89.137.239.3225 : proto TCP: S 831665771:831665771(0) win 1024 checksum : 27784
0x0000:  4500 002c b31d 0000 f806 2b32 59f8 a53b  E..,......+2Y..;
0x0010:  5b59 89ef d227 0c99 3192 366b 0000 0000  [Y...'..1.6k....
0x0020:  6002 0400 6c88 0000 0204 0218            `...l.......
Date=2022-12-07 Time=16:59:37 log_id=0103021 log_type=Firewall log_component=Local_ACLs log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=2 outzone_id=4 source_mac=00:01:5c:7a:44:46 dest_mac=00:0c:29:4a:50:0d bridge_name= l3_protocol=IPv4 source_ip=89.248.165.59 dest_ip=91.89.137.239 l4_protocol=TCP source_port=53799 dest_port=3225 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x8001 nfqueue=0 gateway_offset=0 connid=2222655139 masterid=0 status=256 state=1, flag0=824635817984 flags1=17179869184 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:38 010202130 IP 192.168.178.2.53547 > 52.95.118.208.443 : proto TCP: F 136605150:136605150(0) win 515 checksum : 54443
0x0000:  4500 0028 03a8 4000 8006 d94d c0a8 b202  E..(..@....M....
0x0010:  345f 76d0 d12b 01bb 0824 6dde 0718 6b49  4_v..+...$m...kI
0x0020:  5011 0203 d4ab 0000                      P.......
Date=2022-12-07 Time=16:59:38 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.95.118.208 l4_protocol=TCP source_port=53547 dest_port=443 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 status=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:40 010202130 IP 192.168.178.2.53550 > 67.220.228.97.443 : proto TCP: F 3077122298:3077122298(0) win                                                                                                                         515 checksum : 27786
0x0000:  4500 0028 2436 4000 8006 3bb1 c0a8 b202  E..($6@...;.....
0x0010:  43dc e461 d12e 01bb b769 28fa a800 4b0f  C..a.....i(...K.
0x0020:  5011 0203 6c8a 0000                      P...l...
Date=2022-12-07 Time=16:59:40 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log                                                                                                                        _status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_na                                                                                                                        me= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=67.220.228.97 l4_protocol=TCP source_port=53550 dest_port=443 fw                                                                                                                        _rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotu                                                                                                                        ser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_i                                                                                                                        d=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 statu                                                                                                                        s=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:43 010202130 IP 192.168.178.2.53539 > 52.94.222.127.443 : proto TCP: F 2188309292:2188309292(0) win                                                                                                                         515 checksum : 20700
0x0000:  4500 0028 e2c8 4000 8006 927e c0a8 b202  E..(..@....~....
0x0010:  345e de7f d123 01bb 826e f32c f2c0 9c30  4^...#...n.,...0
0x0020:  5011 0203 50dc 0000                      P...P...
Date=2022-12-07 Time=16:59:43 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log                                                                                                                        _status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_na                                                                                                                        me= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.94.222.127 l4_protocol=TCP source_port=53539 dest_port=443 fw                                                                                                                        _rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotu                                                                                                                        ser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_i                                                                                                                        d=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 statu                                                                                                                        s=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:43 010202130 IP 192.168.178.2.53545 > 176.32.110.78.443 : proto TCP: F 3308048839:3308048839(0) win                                                                                                                         513 checksum : 31158
0x0000:  4500 0028 ce76 4000 8006 9b3f c0a8 b202  E..(.v@....?....
0x0010:  b020 6e4e d129 01bb c52c d1c7 219f 178a  ..nN.)...,..!...
0x0020:  5011 0201 79b6 0000                      P...y...
Date=2022-12-07 Time=16:59:43 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log                                                                                                                        _status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_na                                                                                                                        me= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=176.32.110.78 l4_protocol=TCP source_port=53545 dest_port=443 fw                                                                                                                        _rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotu                                                                                                                        ser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_i                                                                                                                        d=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 statu                                                                                                                        s=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:48 010202130 IP 192.168.178.2.53547 > 52.95.118.208.443 : proto TCP: R 136605151:136605151(0) checks                                                                                                                        um : 54954
0x0000:  4500 0028 03ac 4000 8006 d949 c0a8 b202  E..(..@....I....
0x0010:  345f 76d0 d12b 01bb 0824 6ddf 0718 6b49  4_v..+...$m...kI
0x0020:  5014 0000 d6aa 0000                      P.......
Date=2022-12-07 Time=16:59:48 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log                                                                                                                        _status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_na                                                                                                                        me= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=52.95.118.208 l4_protocol=TCP source_port=53547 dest_port=443 fw                                                                                                                        _rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotu                                                                                                                        ser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_i                                                                                                                        d=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 statu                                                                                                                        s=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:49 010202130 IP 172.16.0.154.32838 > 142.250.185.104.443 : proto TCP: F 3170364895:3170364926(31) wi                                                                                                                        n 1388 checksum : 9310
0x0000:  4500 0053 67a1 4000 4006 ddf6 ac10 009a  E..Sg.@.@.......
0x0010:  8efa b968 8046 01bb bcf7 eddf 0748 4418  ...h.F.......HD.
0x0020:  8019 056c 245e 0000 0101 080a 000e 1ae8  ...l$^..........
0x0030:  c3a9 3f64 1503 0300 1a00 0000 0000 0000  ..?d............
0x0040:  029e 7c93 7e50 f2de 1460 0026 cb60 c723  ..|.~P...`.&.`.#
0x0050:  4e11 aa                                  N..
Date=2022-12-07 Time=16:59:49 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log                                                                                                                        _status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_na                                                                                                                        me= l3_protocol=IPv4 source_ip=172.16.0.154 dest_ip=142.250.185.104 l4_protocol=TCP source_port=32838 dest_port=443 f                                                                                                                        w_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspot                                                                                                                        user_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_                                                                                                                        id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 stat                                                                                                                        us=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

2022-12-07 16:59:52 010202130 IP 192.168.178.2.53550 > 67.220.228.97.443 : proto TCP: R 3077122299:3077122299(0) chec                                                                                                                        ksum : 28297
0x0000:  4500 0028 243d 4000 8006 3baa c0a8 b202  E..($=@...;.....
0x0010:  43dc e461 d12e 01bb b769 28fb a800 4b0f  C..a.....i(...K.
0x0020:  5014 0000 6e89 0000                      P...n...
Date=2022-12-07 Time=16:59:52 log_id=010202130 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log                                                                                                                        _status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=0 outzone_id=0 source_mac= dest_mac= bridge_na                                                                                                                        me= l3_protocol=IPv4 source_ip=192.168.178.2 dest_ip=67.220.228.97 l4_protocol=TCP source_port=53550 dest_port=443 fw                                                                                                                        _rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotu                                                                                                                        ser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_i                                                                                                                        d=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 gateway_offset=0 connid=0 masterid=0 statu                                                                                                                        s=0 state=0, flag0=0 flags1=0 pbrid[0]=0 pbrid[1]=0 profileid[0]=0 profileid[1]=0

0 Bilos David over 1 year ago in reply to LHerzog

Hello,
thanks for the fast respond!

Enclosed you will find the generating logs!

BD-IPv4-Netzwerk network is my local network 172.16.0.0/24

The firewall is my router (routing / DHCP / etc.)
yes you are right that the DHCP range (192.168.178.0/24) from the Fritzbox. But that has nothing to do with my configuration, since the Fritzbox works as a modem!

Even with the standard Sophos XG settings (default IP range for SSL VPN) it didn't work!...
Cancel
Vote Up 0 Vote Down

Cancel
0 LHerzog over 1 year ago in reply to Bilos David

I suspect that clients that are in a network with a fritzbox on their (remote) side will run into trouble with that configuration.

anyway:

what is the tun1 interface for? The DHCP Server on XG is configured for 192.168.178.0/24 while tun0 has 192.168.178.0/25 and tun1 has 192.168.178.128/25

That at least is a misconfiguration and if it does not work the traffic is sent to tun1 while tun0 is used in working situation.
Cancel
Vote Up +1 Vote Down

Cancel
0 Bilos David over 1 year ago in reply to LHerzog

Hello,

yes, but my fritzbox only works as a modem, the Sophos-XG has a public IP from the ISP, no local IP from the Fritzbox in the range 192.168.178.1-192.168.178.254.

The Sophos-XG configuration is:

172.16.0.1/24

DHCP server 172.16.0.150 - 172.16.0.200/24

Tun0 is correct 192.168.178.1

I did not create the Tun1, I only realized today that there are 2 VPN interfaces configured. I also strongly suspect that this is the cause! How can I delete or disable the tun interface?
Cancel
Vote Up +1 Vote Down

Cancel
0 Bilos David over 1 year ago in reply to Bilos David

Hello,

if I deactivate the TUN1, I cannot connect to the tunnel. as it looks it is important for the connection and is activated automatically!

what can I do!
Cancel
Vote Up 0 Vote Down

Cancel
0 LHerzog over 1 year ago in reply to Bilos David

I would disable SSL VPN, reconfigure it with a separate subnet and check that DHCP Server uses the correct subnets.

Is there IPSec Remote Access VPN enabled for the TUN1 IP Range? If so, disable IPSec Remote Access VPN.

And be sure, the DNS Server for the SSL VPN network is the firewall itself and DNS is allowed in the VPN zone in administration->device access.

If it does not help or the tun1 interface remains, contact support.
Cancel
Vote Up 0 Vote Down

Cancel
0 Bilos David over 1 year ago in reply to LHerzog

Hello,

I deleted the configuration and then set it up again using the Assistant. I also switched to UDP port 8443. SSL VPN IP network: 10.10.10.0/24

No, do not use IPsec!

I have now changed the DNS to the firewall.
unfortunately the changes didn't work!

I suspect very strongly that it is due to the missing VPN interface under Network> Interfaces!

how can I create the VPN interface?

VPN does not exist

VPN is not available

SFVH_VM01_SFOS 19.0.1 MR-1-Build365# ip link

1: tun1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast group 0x05 nfmark 0 nfmark6 0 ne ttype 0 state UNKNOWN mode DEFAULT group default qlen 1000
link/none
2: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast group 0x05 nfmark 0 nfmark6 0 ne ttype 0 state UNKNOWN mode DEFAULT group default qlen 1000
link/none

SFVH_VM01_SFOS 19.0.1 MR-1-Build365# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
GuestAP 1500 0 0 0 0 0 0 0 0 BMU
PortA 1500 2492314 0 20 0 4337648 0 0 0 BMRU
PortB 1500 5535860 0 0 0 3466438 0 0 0 BMRU
ifb0 1500 6329427 0 0 0 6329427 0 0 0 BORU
ipsec0 16260 0 0 0 0 0 0 0 0 BMORU
lo 65536 3060660 0 0 0 3060660 0 0 0 LRU
tun0 1500 89956 0 0 0 74750 0 0 0 MOPRU
tun1 1500 58299 0 0 0 76373 0 0 0 MOPRU
Cancel
Vote Up 0 Vote Down

Cancel
0 LHerzog over 1 year ago in reply to Bilos David

It is normal that the VPN Interfaces do not show in the Network Interfaces tab. Also the VPN Zone is a default zone and cannot be removed or changed. So they greyed it out.

What is your situation now? The clients can connect and get an IP address from the 10.xxx subnet?

Can they connect (ping) to the sophos firewall and use it as DNS resolver (nslookup)?

Is your SSL VPN Profile setting again "use as default gateway"?
Cancel
Vote Up 0 Vote Down

Cancel