robprose77 Newbie ✭
I recently connected a Gen7 NSa-2700 to a Gen6-2600 using a VPN tunnel interface with OSPFv2 routing on it. This has been done using TZ series devices with no problem. Recently I had the customer start telling me that they are seeing 1 -2 minute traffic drops randomly and in the logs on the 2700 I see that the 2600 dropped and wasn't responding to the reconnect. In the 2600 I am seeing IPS blocking packets from the WAN IP of the 2700 saying that it's an IP Spoof. I have gone through so many articles and sites and the only thing I can find about this is a reference to the dual AWS connections and enabling Asymmetric Route Support.
Category: Mid Range Firewalls
Hey! You will be signed out in 60 seconds due to inactivity. Click here to continue using the site.
Have you considered adding an exception to IPS for the NSA2700's WAN IP address?
I just did and the Spoof alerts are still there. The interesting thing I am seeing is that the WAN IP of the 2700 shows it's source internface to be X1 on the 2600 with a destination of X1 on the 2600. The 2600 is in a HA cluster. Could this be the source of the problem? Could traffic somehow be routing from one to the other in the cluster causing this to happen?
Means the source ip address of the traffic is not in the routing table, weather that is due to ospf timeouts or other?