06-29-2021 09:57 PM - edited 06-29-2021 10:25 PM
I got the following scenario.
client -> Paloalto -> Server:1234
The client initiates a tcp session to server always using the same source port and same sequence number (verified in packet capture). The session time out is the default 60 minutes.
The client sometimes looses network coverage and initiates a new sync (with same source port and sequence number). But on the firewall the previous session exists and this syn packet is causing the session timer to reset. So the session is never timing out and the capture on firewall is showing that it is dropping all the new syn packets.
We ended up having to clear the sessions manually on firewall for the client to be able to connect.
We did open ticket with support and were told that client is not following RFC (they need to stop using same source port and sequence number). But as usual the client is saying that this application is working at other sites and it is firewall issue.
Looking for some pointers on this.
07-01-2021 03:32 AM
See the other things I mentioned.
07-01-2021 03:42 AM
We will try for enchancement request. Also we are testing by lowering time out
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!