Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Drop packet with no reason.... (or maybe one but i don't which one ;-))

DisaRicksDisaRicks Newbie ✭
edited February 2021 in Firewall Security Services

Hi everybody,

i use a TZ-400 sonicwall with Firmware 6.5.4....

i receive a error i packet monitor

DROPPED, Drop Code: 734(Packet dropped - drop bounce same link pkt), Module Id: 25(network)

i can't find any information about this error on internet.

I have a rule to allow traffic from zone to zone with the right port and destination.

Il already create hundreds of similar rules but this one doesn't work and i can't find why?

The port is 443

If you can help me, i'll be glad.

Thank you

Eric

Category: Firewall Security Services
Reply

Best Answer

  • CORRECT ANSWER
    shiprasahu93shiprasahu93 Moderator
    Answer ✓

    @DisaRicks,

    It is definitely not related to access rules as that would say dropped due to Policy drop.

    This definitely needs some real-time troubleshooting and we might need to check the ARPs to see if something is different for this connection.

    Kindly reach out to our support team for further help.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

Answers

  • @DisaRicks,

    Welcome to the SonicWall community.

    That drop code usually means that the packet being dropped is the same packet that was sent out on that link a few moments ago. It usually takes place if there is some kind of physical loop.

    Could you please check the same and if possible share a screenshot of the packet monitor.

    Thank you!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • Hi,


    thank you to answerso quickly.

    here is a screenshot of packet monitor

    and the packet detail


    Ethernet Header

     Ether Type: IP(0x800), Src=[00:09:0f:09:a4:07], Dst=[18:b1:69:88:53:9e]

    IP Packet Header

     IP Type: TCP(0x6), Src=[10.55.87.87], Dst=[172.20.85.31]

    TCP Packet Header

     TCP Flags = [SYN,], Src=[49406], Dst=[443], Checksum=0x66e3

    Application Header

     HTTPS

    Value:[1]

    DROPPED, Drop Code: 734(Packet dropped - drop bounce same link pkt), Module Id: 25(network), (Ref.Id: _2098_jcpfngDqwpegVtchhke) 2:2)


    thank you

  • @DisaRicks,

    Do you have a network diagram handy or let me know what subnets you have on X2 and to which interface should this be forwarded to?

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • Hi


    on X2 i've the IP 10.14.128.81/29 witch is connected to another router on IP 10.14.128.80/29 (the arrival of the packets)

    I receive a packet from an IP 10.55.87.87 with port 443 for a destination on another TZ-400 accross a VPN Connexion on X1 interface (WAN).

    I already use a similar connexion that works perfectly :

    I receive on the same X2 from IIP 10.42.18.118 with port 4098 destination : 172.20.85.32 accross the same VPN on X1

    I've a rule that says : from 10.42.18.118 with port 4098 to 172.20.85.32 : allow

    Here, i say from 10.55.87.87 with port 443 to 172.20.85.31 : allow

    For the route i 've : origine : 10.42.18.118 to 172.20.85.32 with any port go to GTW : PAS_SW_X3IP on interface X1 (ok)

    here i say : origine : 10.55.87.87 to 172.20.85.31 with any port go to GTW : PAS_SW_X3IP on interface X1


    hope to be clear...


    Eric

  • Thank you, i submit a support request.

    Eric

  • TrademarkQTrademarkQ Newbie ✭

    I ran into the same error after 'cleaning' up some NAT Policies:

    DROPPED, Drop Code: 734(Packet dropped - drop bounce same link pkt), Module Id: 25(network), (Ref.Id: _2122_jcpfngDqwpegVtchhke) 1:2)

    In my case, I had inadvertently removed the protocol in question (examine the packet header information in the packet capture) from the Original Service value of the NAT Policy. Once I added the protocol in question (Service Object) back into the Service Group used in this NAT Policy, my access worked and the drop error ceased.

  • BartManBartMan Newbie ✭

    I had the same problem and can confirm that this was resolved by creating a correct ( and missing ) NAT rule.

    I reviewed my NAT rules and realized there was not one present at all to match the traffic I was generating, but the text of the error was certainly confusing ( not to mention that it matches the wrong drop code listed in Sonicwall's KB list of drop codes ).

Sign In or Register to comment.