IPSEC VPN Issues

Within the last 24 hours, all of our firewalls managing IPSEC VPNs have started dropping VPN traffic with Drop Code: 97(Access Rule Policy not found).

The VPN tunnels have remained up, however all traffic we send down it is dropped.

We have seen this across multiple firewall models (NSA 5650, NSA 4650, NSA 2650, NSA 2600)

This started at some point after 19:00 UK Time - I will update once I have narrowed down the time

We have made no changes to our VPN config, our rules or our routing in the last week, so are confident that we have not caused this.

We have been on the phone awaiting support for over 2 hours now and wanted to see if the community is aware of this as a known issue and to see if others are experiencing the same fault

Category: Mid Range Firewalls

Answers

  • Arkwright All-Knowing Sage ✭✭✭✭

    Nope, haven't seen this. I would definitely have noticed as I look after many firewalls connected with VPNs, and heavily monitored.

  • BWC Cybersecurity Overlord ✭✭✭

    @User4456 are you running the latest Firmware? I've seen something like this on <6.5.4.10 if I remember correctly.

    The Access Rules were still shown and should have allowed the traffic, but it got dropped. Restart fixed it for a while but it was addressed in a later SonicOS release.

    --Michael@BWC

  • Arkwright All-Knowing Sage ✭✭✭✭

    The Access Rules were still shown and should have allowed the traffic,

    Yes! Seen this quite a few times on Gen6. Never worked out what the root cause was but the workaround was to create an allow rule very similar to the automatically created rule that somehow didn't seem to allow what it should. It always seemed to show up after a reboot.
