So I did a pcap. It seems the 'drop' log has a bunch of packets in it (outbound to server). So I guess they are being dropped on the way out on the initial connection attempt? The transmit log is empty, so I guess my packets are not even leaving the firewall.

However, if I test the fw rule from the command line, everything seems fine (action allow):

test security-policy-match from ZONE source <My IP> to ZONE destination <Remote IP> protocol 6 destination-port 23

Also, the rule as it stands right now is very loose.

@zarnia: I'll try looking at session data next.

@gafrol: I don't think there is a routing issue. The client LAN hooks up to the PA, then out through the IPSec VPN on the PA, so there's not much room for different routes, if any at all.

LAN -> PA/NAT -> IPSec VPN -> Remote Side