Answers
This is typically (80-20 principle) due to an Access Rule. That's the first thing I would check.
@Ajishlal which firmware? I had similar drops before 6.5.4.12. Traffic allowed per rule was blocked for no reason because of a firmware bug. I guess you already checked that the dropped traffic should be allowed by a proper rule.
I'm not sure if routing to DropTunnelIf is causing the same drop code.
--Michael@BWC
@MustafaA
It's not about the ACL.
I will explain the scenario:
I published one internal service and it's accessible from all locations except one.
Previously the same issue happened; at that time I configured the source WAN interface (from where we published the service) with "Enable Asymmetric Route Support" and that helped me to resolve the issue.
Now I am getting a new drop code with the message below:
NB: packet capture done from the location where the server is hosted
Ethernet Header
Ether Type: IP(0x800), Src=[**************], Dst=[***************]
IP Packet Header
IP Type: TCP(0x6), Src=[*****************], Dst=[*****************]
TCP Packet Header
TCP Flags = [SYN,], Src=[41234], Dst=[443], Checksum=0x21a
Application Header
HTTPS
Value:[1]
DROPPED, Drop Code: 726(Packet dropped - Policy drop), Module Id: 27(policy), (Ref.Id: _2251_rqnke{Ejgem) 2:17)
The current firmware is SonicOS Enhanced 6.5.4.10-95n & it's in a production environment.
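The packet-monitor record quoted above is easier to triage across many captures when it is parsed into fields. The following is an added example (my own code, not from the post and not a SonicWall tool) that splits a packet-monitor text export into records, pulls out the 5-tuple, TCP flags, status, drop code, module and Ref.Id, and flags the case shown in the post: a bare SYN dropped by the policy module, i.e. the connection was rejected on its very first packet. The sample input is constructed from the post's capture with the redacted MACs and IPs replaced by placeholder addresses. The `decode_ref_tag` helper is an observation, not documented behaviour: shifting each character of the last `_`-separated token of the post's Ref.Id back by two code points yields the readable name `policyCheck`; the numeric part is left untouched because the same shift does not map it cleanly to digits.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample: the record from the post, with the masked MAC and IP
# addresses replaced by placeholder (locally administered / RFC 5737) values.
SAMPLE_CAPTURE = """Ethernet Header
Ether Type: IP(0x800), Src=[02:00:00:00:00:01], Dst=[02:00:00:00:00:02]
IP Packet Header
IP Type: TCP(0x6), Src=[198.51.100.10], Dst=[192.0.2.20]
TCP Packet Header
TCP Flags = [SYN,], Src=[41234], Dst=[443], Checksum=0x21a
Application Header
HTTPS
Value:[1]
DROPPED, Drop Code: 726(Packet dropped - Policy drop), Module Id: 27(policy), (Ref.Id: _2251_rqnke{Ejgem) 2:17)
"""

_KV = re.compile(r"(\w+)=\[([^\]]*)\]")                     # Src=[...] / Dst=[...]
_DROP = re.compile(r"Drop Code:\s*(\d+)\(([^)]*)\),\s*Module Id:\s*(\d+)\(([^)]*)\)")
_REF = re.compile(r"Ref\.Id:\s*([^)\s]+)")
_STATUS = re.compile(r"^(DROPPED|FORWARDED|CONSUMED|GENERATED)\b")  # packet-monitor status words


@dataclass
class Packet:
    status: str = "UNKNOWN"
    proto: Optional[str] = None
    src_ip: Optional[str] = None
    dst_ip: Optional[str] = None
    flags: List[str] = field(default_factory=list)
    sport: Optional[int] = None
    dport: Optional[int] = None
    drop_code: Optional[int] = None
    drop_reason: Optional[str] = None
    module_id: Optional[int] = None
    module: Optional[str] = None
    ref_id: Optional[str] = None


def _parse_record(chunk: str) -> Packet:
    p = Packet()
    for raw in chunk.splitlines():
        line = raw.strip()
        if line.startswith("IP Type:"):
            m = re.match(r"IP Type:\s*(\w+)", line)
            p.proto = m.group(1) if m else None
            kv = dict(_KV.findall(line))
            p.src_ip, p.dst_ip = kv.get("Src"), kv.get("Dst")
        elif line.startswith(("TCP", "UDP")) and "Src=[" in line:
            # The transport line carries the ports and, for TCP, the flag list.
            m = re.search(r"Flags\s*=\s*\[([^\]]*)\]", line)
            if m:
                p.flags = [f.strip() for f in m.group(1).split(",") if f.strip()]
            kv = dict(_KV.findall(line))
            p.sport = int(kv["Src"]) if kv.get("Src", "").isdigit() else None
            p.dport = int(kv["Dst"]) if kv.get("Dst", "").isdigit() else None
        elif _STATUS.match(line):
            p.status = _STATUS.match(line).group(1)
            d = _DROP.search(line)
            if d:
                p.drop_code, p.drop_reason = int(d.group(1)), d.group(2)
                p.module_id, p.module = int(d.group(3)), d.group(4)
            r = _REF.search(line)
            p.ref_id = r.group(1) if r else None
    return p


def parse_capture(text: str) -> List[Packet]:
    """Split a packet-monitor text export on 'Ethernet Header' and parse each record."""
    chunks = re.split(r"(?m)^(?=Ethernet Header)", text)
    return [_parse_record(c) for c in chunks if c.strip().startswith("Ethernet Header")]


def decode_ref_tag(ref_id: str) -> str:
    """Assumption (observed on the post's Ref.Id): the trailing token is shifted by +2."""
    tag = ref_id.rsplit("_", 1)[-1]
    return "".join(chr(ord(c) - 2) for c in tag)


def is_new_connection_policy_drop(p: Packet) -> bool:
    """True when the first packet of a TCP handshake was refused by the policy module."""
    return p.status == "DROPPED" and p.module == "policy" and "SYN" in p.flags and "ACK" not in p.flags


def summarize(p: Packet) -> str:
    five = f"{p.src_ip}:{p.sport} -> {p.dst_ip}:{p.dport} {p.proto} [{','.join(p.flags)}]"
    if p.status != "DROPPED":
        return f"{five} {p.status}"
    return f"{five} DROPPED by module {p.module} ({p.module_id}), code {p.drop_code}: {p.drop_reason}"


if __name__ == "__main__":
    for pkt in parse_capture(SAMPLE_CAPTURE):
        print(summarize(pkt))
        if is_new_connection_policy_drop(pkt):
            print("  -> rejected at connection setup; check the access rule / zone match for this 5-tuple")
        if pkt.ref_id:
            print("  -> ref tag:", decode_ref_tag(pkt.ref_id))
```

Feed it a whole packet-monitor export and grep the one-line summaries for `DROPPED by module policy` to see at a glance which source/destination pairs are hitting the rule lookup, which is the same check MustafaA suggests doing first.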
@Ajishlal this was definitely a release which haunted me with drops for no reason. A reboot resolved the situation.
Both possible solutions are disruptive and a pain for production environments.
--Michael@BWC
@BWC
FYI, I published one internal service and it's accessible from all locations except one.
Whenever I am trying from that location I am getting the above drop code. It's really weird and confusing me.
This published service doesn't have any location-based / IP-based rule.