03-06-2012 04:06 AM - edited 03-11-2019 03:38 PM
Hi All.
I've got a problem on an 887VAMG router. It drops important connections. As the customer wants to have a firewall, I created an ACL and ip inspect rules, but the router drops their connections to the cloud and some websites are not opening. So I removed the ACL and most ip inspect rules just to test whether that affects it, and left only ip inspect http urlfilter. But they still have those problems, so I'm really stuck on how to configure that firewall.
I would highly appreciate any help.
Below is a review of some of the dropped connections:
%FW-6-DROP_PKT: Dropping tcp session due to RST inside current window with ip ident 13968 tcpflags 0x5014 seq.no 1629693318 ack 1687676045
000049: Mar 6 11:49:21.324: %FW-6-DROP_PKT: Dropping http session <ip>:1766 69.171.242.12:80 with ip ident 26247 tcpflags 0x5018 seq.no 264144210 ack 642133125
000050: Mar 6 11:50:00.774: %FW-6-DROP_PKT: Dropping http session <ip>:4708 69.171.242.12:80 with ip ident 2425 tcpflags 0x5018 seq.no 3819869211 ack 1862176018
000051: Mar 6 11:50:52.515: %FW-6-DROP_PKT: Dropping http session <ip>:2599 173.194.34.90:80 due to RST inside current window with ip ident 22909 tcpflags 0x5014 seq.no 899975979 ack 92642430
000052: Mar 6 11:51:24.013: %FW-6-DROP_PKT: Dropping http session <ip>:4765 194.106.151.77:80 due to RST inside current window with ip ident 4118 tcpflags 0x5014 seq.no 3161679649 ack 1450263460
068974: Mar 6 05:10:14.676: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:1530 due to RST inside current window with ip ident 8954 tcpflags 0x5014 seq.no 2056370527 ack 2999433041
068975: Mar 6 05:35:48.385: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:1882 due to Stray Segment with ip ident 27148 tcpflags 0x5010 seq.no 939083425 ack 724203821
068976: Mar 6 05:36:21.734: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:4919 due to Stray Segment with ip ident 2945 tcpflags 0x5010 seq.no 704890853 ack 370246242
068977: Mar 6 06:29:14.628: %FW-6-DROP_PKT: Dropping http session <ip>:1214 66.101.6.51:80 due to Invalid Segment with ip ident 26797 tcpflags 0x7002 seq.no 2896034509 ack 0
068978: Mar 6 06:32:51.923: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:1653 due to SYN inside current window
Dropping http session due to RST inside current window with ip.
Dropping http session due to Stray Segment with ip.
These two are the most common. Why do they drop sessions? What do they mean?
Thanks.
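A triage sketch for log excerpts like the one above, added here as an example and not part of the original post: it tallies %FW-6-DROP_PKT lines by drop reason and decodes the tcpflags field. It assumes tcpflags is the 16-bit data-offset/flags word of the TCP header (consistent with 0x5014 on the RST lines and 0x7002 on the line with ack 0); the function names are hypothetical.

```python
import re
from collections import Counter

# Sample input: five lines taken from the log excerpt in the post above.
SAMPLE = """\
000049: Mar 6 11:49:21.324: %FW-6-DROP_PKT: Dropping http session <ip>:1766 69.171.242.12:80 with ip ident 26247 tcpflags 0x5018 seq.no 264144210 ack 642133125
000051: Mar 6 11:50:52.515: %FW-6-DROP_PKT: Dropping http session <ip>:2599 173.194.34.90:80 due to RST inside current window with ip ident 22909 tcpflags 0x5014 seq.no 899975979 ack 92642430
068975: Mar 6 05:35:48.385: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:1882 due to Stray Segment with ip ident 27148 tcpflags 0x5010 seq.no 939083425 ack 724203821
068977: Mar 6 06:29:14.628: %FW-6-DROP_PKT: Dropping http session <ip>:1214 66.101.6.51:80 due to Invalid Segment with ip ident 26797 tcpflags 0x7002 seq.no 2896034509 ack 0
068978: Mar 6 06:32:51.923: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:1653 due to SYN inside current window
"""

DROP = re.compile(
    r"%FW-6-DROP_PKT: Dropping (?P<proto>\S+) session"
    r"(?: (?P<src>\S+:\d+) (?P<dst>\S+:\d+))?"      # endpoints may be absent
    r"(?: due to (?P<reason>.+?))?"                  # reason may be absent
    r"(?: with ip ident \d+(?: tcpflags (?P<flags>0x[0-9a-fA-F]+))?.*)?$"
)
FLAG_BITS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]

def decode_tcpflags(word):
    """Assumption: word is TCP header bytes 12-13 (data offset + flags)."""
    return (word >> 12) * 4, [name for bit, name in FLAG_BITS if word & bit]

def parse_line(line):
    """Return a dict for one DROP_PKT line, or None if it is another message."""
    m = DROP.search(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["reason"] = rec["reason"] or "(no reason logged)"
    if rec["flags"]:
        rec["header_len"], rec["flag_names"] = decode_tcpflags(int(rec["flags"], 16))
    else:
        rec["header_len"], rec["flag_names"] = None, []
    return rec

def summarize(text):
    """Count drops per (reason, decoded flags); truncated lines get flags '?'."""
    records = filter(None, map(parse_line, text.splitlines()))
    return Counter((r["reason"], "+".join(r["flag_names"]) or "?") for r in records)

if __name__ == "__main__":
    for (reason, flags), n in summarize(SAMPLE).most_common():
        print(f"{n:3d}  {reason:28s} flags={flags}")
```

Run over a full log export, the tally shows which drop reasons dominate and whether they cluster on particular flag combinations or remote hosts.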
03-14-2012 03:17 PM
I removed the firewall, ip inspection and ACLs, but there are still some delays in web browsing and a slow internet connection. This model of router, the C887VAMG, was introduced just in January, so I wonder if there are some bugs in the firmware.
Why is this router not capable of doing inspection and firewalling? It shouldn't really drop the performance so much.