This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

From few day "Invalid traffic - Could not associate packet to any connection"

Hello,
I've been detecting a strange behavior on an xgs 2300 (SFOS 19.0.1 MR-1-Build365) for a few days.
At first the connections of some PCs to an IP seem to work but then I start to log a series of errors such as "Invalid traffic" (I attach a screenshot). The firewall rule is a simple LAN to Wan rule without any checks (only audio streaming checks). Other PCs, on the other hand, access easily. The destination IP is from a banking institution and with this firewall configuration it has never had reachability problems. Can I investigate what?



This thread was automatically locked due to age.
Parents
  • This is likely a normal behaviour and i always recommend to disable invalid traffic due the not need to log them in the first place.

    Likely they are all idle session, which are getting closed. 

    See: docs.sophos.com/.../index.html

    __________________________________________________________________________________________________________________

  • Hi Lucas and thanks for the reply.
    In fact I had already read the page you pointed me to but as I read in a note on the same page "This does not resolve issues. This will only decrease the number of invalid traffic events logged by Sophos Firewall." And unfortunately this is my problem: a stable situation until last Friday which suddenly prevents me from accessing some sites with a high increase in logs due to "Invalid Traffic". I'm waiting for my customer to try a reset of a PC on Friday to see if any windows update caused this problem. Is there a method to close all idle sessions?

  • This is likely not a problem caused by the firewall. Invalid traffic is some symptom and idle session or closed session are caused by the client. 

    __________________________________________________________________________________________________________________

Reply
  • This is likely not a problem caused by the firewall. Invalid traffic is some symptom and idle session or closed session are caused by the client. 

    __________________________________________________________________________________________________________________

Children