topic Packets loss but no drops - VM Series, AWS, GWLB in VM-Series in the Public Cloud https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/packets-loss-but-no-drops-vm-series-aws-gwlb/m-p/519202#M1722 <P>i have a server sending traffic on 443 through GWLB to my Palos and out to the internet</P> <P>&nbsp;</P> <P>The logs all say 'aged out'</P> <P>&nbsp;</P> <P>Packet capture reveals the SYN arriving wearing GENEVE, being de-encapsulated, source NATed and forwarded out Untrust</P> <P>&nbsp;</P> <P>The SYN/ACK arrives on Untrust, but there is no record of the firewall forwarding these packets to GWLB and client - they just vanish</P> <P>&nbsp;</P> <P>The drops packet capture is empty</P> <P>&nbsp;</P> <P>This worked previously, but we had to rebuild Panorama after a disaster and a colleague has been 'hardening' the appliances</P> <P>&nbsp;</P> <P>I suspect an error has been introduced but for the life of me I can't work out what it might be</P> Wed, 26 Oct 2022 09:32:38 GMT DaveHillElavon 2022-10-26T09:32:38Z Packets loss but no drops - VM Series, AWS, GWLB https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/packets-loss-but-no-drops-vm-series-aws-gwlb/m-p/519202#M1722 <P>i have a server sending traffic on 443 through GWLB to my Palos and out to the internet</P> <P>&nbsp;</P> <P>The logs all say 'aged out'</P> <P>&nbsp;</P> <P>Packet capture reveals the SYN arriving wearing GENEVE, being de-encapsulated, source NATed and forwarded out Untrust</P> <P>&nbsp;</P> <P>The SYN/ACK arrives on Untrust, but there is no record of the firewall forwarding these packets to GWLB and client - they just vanish</P> <P>&nbsp;</P> <P>The drops packet capture is empty</P> <P>&nbsp;</P> <P>This worked previously, but we had to rebuild Panorama after a disaster and a colleague has been 'hardening' the appliances</P> <P>&nbsp;</P> <P>I suspect an error has been introduced but for the life of me I can't work out what it might be</P> Wed, 26 Oct 2022 09:32:38 GMT https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/packets-loss-but-no-drops-vm-series-aws-gwlb/m-p/519202#M1722 DaveHillElavon 2022-10-26T09:32:38Z Re: Packets loss but no drops - VM Series, AWS, GWLB https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/packets-loss-but-no-drops-vm-series-aws-gwlb/m-p/521053#M1731 <P>Hi Dave!<BR /><BR />Hope all is well. I would recommend setting up packet filters and collecting the global counters if you have not done so yet...<BR /><BR /><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CloNCAS" target="_blank">How to check global counters for a specific source and destinat... - Knowledge Base - Palo Alto Networks</A><BR /><BR />Feel free to provide the output for the global counters once you have them.</P> Fri, 11 Nov 2022 20:59:23 GMT https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/packets-loss-but-no-drops-vm-series-aws-gwlb/m-p/521053#M1731 MIST3R_VIRTS3C 2022-11-11T20:59:23Z