cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1770
Views
0
Helpful
1
Replies

ip inspect problem, dropping important connections on 887VAMG router

firestormnet
Level 1
Level 1

Hi All.

I've got a problem on 887VAMG router. It drops important connections. As customer wants to have a firewall I created ACL and ip inspect rules ,but the router drops their connections to cloud and some websites are not opening. So I removed ACL and most ip inspect rules just to test if it effects that. And left only ip inspect http urlfilter. But still they have those problems, so I'm really stuck how to configure that firewall.

I'll be highly appretiated for any help.

The below some dropping connection review:

%FW-6-DROP_PKT: Dropping tcp session  due to  RST inside current window with ip ident 13968 tcpflags 0x5014 seq.no 1629693318 ack 1687676045

000049: Mar  6 11:49:21.324: %FW-6-DROP_PKT: Dropping http session <ip>:1766 69.171.242.12:80    with ip ident 26247 tcpflags 0x5018 seq.no 264144210 ack 642133125

000050: Mar  6 11:50:00.774: %FW-6-DROP_PKT: Dropping http session <ip>:4708 69.171.242.12:80    with ip ident 2425 tcpflags 0x5018 seq.no 3819869211 ack 1862176018

000051: Mar  6 11:50:52.515: %FW-6-DROP_PKT: Dropping http session <ip>:2599 173.194.34.90:80  due to  RST inside current window with ip ident 22909 tcpflags 0x5014 seq.no 899975979 ack 92642430

000052: Mar  6 11:51:24.013: %FW-6-DROP_PKT: Dropping http session <ip>:4765 194.106.151.77:80  due to  RST inside current window with ip ident 4118 tcpflags 0x5014 seq.no 3161679649 ack 1450263460

068974: Mar  6 05:10:14.676: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:1530  due to  RST inside current window with ip ident 8954 tcpflags 0x5014 seq.no 2056370527 ack 2999433041

068975: Mar  6 05:35:48.385: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:1882  due to  Stray Segment with ip ident 27148 tcpflags 0x5010 seq.no 939083425 ack 724203821

068976: Mar  6 05:36:21.734: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:4919  due to  Stray Segment with ip ident 2945 tcpflags 0x5010 seq.no 704890853 ack 370246242

068977: Mar  6 06:29:14.628: %FW-6-DROP_PKT: Dropping http session <ip>:1214 66.101.6.51:80  due to  Invalid Segment with ip ident 26797 tcpflags 0x7002 seq.no 2896034509 ack 0

068978: Mar  6 06:32:51.923: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:1653  due to  SYN inside current window

Dropping http session due to  RST inside current window with ip.

Dropping http session due to  Stray Segment with ip.

These 2 are most of all. Why do they drop sessions? What do they mean?

Thanks.

1 Reply 1

firestormnet
Level 1
Level 1

I removed a firewall, ip inspecting and ACLs, but there is some delays for web browsing and slow internet connection.This model of router C887VAMG was introduced just in January, so I'm wonder if there are some bugs in firmware.

Why is this router is not capable to do inspection and firewalling? It shouldn't really drop the performance so high.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: