About PatrickWalton

I may have a use case to redirect traffic being sourced external to my network to another external destination.   Based on the structure of the PBFpolicies it looks like I could do this and simply forward the traffic to another destination ip (not domain name).  I can't find any concrete data points that would indicate this is not possible, but wanted to see if anyone else had done it before.   Is it possible to do this? ... View more

When I look under Monitor -> Logs -> System, I see the following:   1. ipsec-key-delete: IPSec key deleted.  Deleted SA <SA info> SPI:<hex dump> 2. ike-nego-p2-succ: IKE phase-2 negotiation is succeeded as responder, quick mode.  Established SA <SA info> SPI: <hex dump> 3. ipsec-key-install: IPSec key installed.  Installed SA <SA info> SPI: <hex dump>   We have several site to site tunnels on this firewall, some of them with multiple proxy id's.  If I filter based on one specific proxy id, I see it going through this process frequently.  Sometimes it is multiple times per minute, sometimes it goes ~5 minutes or so.  The same occurs for numerous other proxy id's.   Is this something to be concerned about? It seems that I'm receiving delete messages that correspond to this behavior:   ike-recv-p2-delete: IKE protocol IPSec SA delete message received from peer.  SPI: <hex dump> ... View more

Hey all,   First time poster, long time lurker.  I have an odd issue with certain traffic being classified as RTMP.     Our guest wireless and corporate wireless exist in different zones.  Their address space is different, too.  We have two separate policies for corp and guest traffic, permitting http/https outbound to our external zone interface any any destination address.   What is odd is that some traffic hits the correct corp policy id, but other traffic hits a policy that is supposed to be for RTMP traffic:   Src Zone: Internal Source: Any Dst Zone: External Destination: Any Application: rtmp Service: application-default Action: allow   Only some traffic hits this policy, though.  For example I'm able to go to https://www.networklessons.com and it loads fine, hitting the right policy.  A packet capture shows a full three way handshake on the right policy, but only SYN and retransmit packets on the RTMP policy.   Any idea why only some of our https traffic is hitting that policy? ... View more