Hello,I've been detecting a strange behavior on an xgs 2300 (SFOS 19.0.1 MR-1-Build365) for a few days.At first the connections of some PCs to an IP seem to work but then I start to log a series of errors such as "Invalid traffic" (I attach a screenshot). The firewall rule is a simple LAN to Wan rule without any checks (only audio streaming checks). Other PCs, on the other hand, access easily. The destination IP is from a banking institution and with this firewall configuration it has never had reachability problems. Can I investigate what?
This is likely a normal behaviour and i always recommend to disable invalid traffic due the not need to log them in the first place.
Likely they are all idle session, which are getting closed.
Hi Lucas and thanks for the reply.In fact I had already read the page you pointed me to but as I read in a note on the same page "This does not resolve issues. This will only decrease the number of invalid traffic events logged by Sophos Firewall." And unfortunately this is my problem: a stable situation until last Friday which suddenly prevents me from accessing some sites with a high increase in logs due to "Invalid Traffic". I'm waiting for my customer to try a reset of a PC on Friday to see if any windows update caused this problem. Is there a method to close all idle sessions?
This is likely not a problem caused by the firewall. Invalid traffic is some symptom and idle session or closed session are caused by the client.
Thank you again; so now I'm checking some changes on client and I'll come back with good news.. I hope
Hi LuCar, my client reverted the PC to a recovery point and now everithing seems to work good. The cause probably was latest windows update. Thank you again for supportt.