What could be causing this issue?

In the process of troubleshooting traffic issues across a VPN tunnel, you notice on the output of
fw monitor -e host(172.21.1.10), accept; that packets are going through the inbound chain (i > I)
and then disappearing after the outbound chain (o > __), while you were expecting to see the
packet leave on O. What could be causing this issue?

In the process of troubleshooting traffic issues across a VPN tunnel, you notice on the output of
fw monitor -e host(172.21.1.10), accept; that packets are going through the inbound chain (i > I)
and then disappearing after the outbound chain (o > __), while you were expecting to see the
packet leave on O. What could be causing this issue?

A.
The packet is getting silently dropped because there is no route for the packet.

B.
It’s not showing up on the fw monitor because it is exiting the wrong interface

C.
When packets are destined to leave through a VPN tunnel, it is encrypted and encapsulated in
an ESP packet, and thus will not show up on a fw monitor.

D.
The gateway never completed the IKE and IPSec key exchange, and the tunnel does not exist
yet.

Explanation:



Leave a Reply 0

Your email address will not be published. Required fields are marked *