What could be causing this issue?

In the process of troubleshooting traffic issues across a VPN tunnel, you notice on the
output of fw monitor -e host(172.21.1.10), accept; that packets are going through the
inbound chain (i > I) and then disappearing after the outbound chain (o > __), while you
were expecting to see the packet leave on O. What could be causing this issue?

In the process of troubleshooting traffic issues across a VPN tunnel, you notice on the
output of fw monitor -e host(172.21.1.10), accept; that packets are going through the
inbound chain (i > I) and then disappearing after the outbound chain (o > __), while you
were expecting to see the packet leave on O. What could be causing this issue?

A.
The packet is getting silently dropped because there is no route for the packet.

B.
It’s not showing up on the fw monitor because it is exiting the wrong interface

C.
When packets are destined to leave through a VPN tunnel, it is encrypted and
encapsulated in an ESP packet, and thus will not show up on a fw monitor.

D.
The gateway never completed the IKE and IPSec key exchange, and the tunnel does not
exist yet.



Leave a Reply 0

Your email address will not be published. Required fields are marked *