Hello,
I have a problem with mainly HTTPS connections showing up in the log as Invalid Traffic / Invalid TCP state. See screenshots below.
example domain is https://telekom.de
I have 2 Internet connections with separate NAT and SD-WAN routes. Routing shows correctly and see workaround below, works for both lines, if TCP Seq Checking is disabled.
So there seems to be an issue with TCP checking not routing. Especially, because most websites do work, even if it is turned on.
Interesting to mention, both internet connections are with the same provider and run through the same router. 1 I checked with packet capturing multiple times, that no routing issue persist. Many connections do work, but with the example of telekom.de it does not work at all on the second line... But if TCP Seq checking is on, the second line works in many cases nevertheless. Packet capture also shows no other packets being delivered somewhere else.
The 80... IP is telekom.de and both internet connections are internally rereferred to as 192.168.12.12 or 192.168.10.10
Current work around is to disable "TCP Seq Checking", then it works.
Issue persists with
SFOS 21.0.0 GA-Build169
and
SFOS 20.0.2 MR-2-Build378
Is something like this a known issue?
How can this be troubleshootet further?
Thank you.
Added TAGs
[edited by: Erick Jan at 12:45 AM (GMT -8) on 22 Nov 2024]
