what is the problem?

Refer to the Exhibit.

— Exhibit —
CID-0:RT: flow process pak fast ifl 71 in_ifp ge-0/0/5.0
CID-0:RT: ge-0/0/5.0:10.0.0.2/55892->192.168.1.2/80, tcp, flag 2 syn
CID-0:RT: find flow: table 0x5a386c90, hash 50728(0xffff), sa 10.0.0.2, da 192.168.1.2, sp 55892,
dp 80, proto 6, tok 7
CID-0:RT: no session found, start first path. in_tunnel – 0x0, from_cp_flag – 0
CID-0:RT: flow_first_create_session
CID-0:RT: flow_first_in_dst_nat: in <ge-0/0/5.0>, out <N/A> dst_adr 192.168.1.2, sp 55892, dp 80

CID-0:RT: chose interface ge-0/0/5.0 as incoming nat if.
CID-0:RT:flow_first_rule_dst_xlatE. DST no-xlatE. 0.0.0.0(0) to 192.168.1.2(80)
CID-0:RT:flow_first_routinG. vr_id 0, call flow_route_lookup(): src_ip 10.0.0.2, x_dst_ip
192.168.1.2, in ifp ge-0/0/5.0, out ifp N/A sp 55892, dp 80, ip_proto 6, tos 10
CID-0:RT:Doing DESTINATION addr route-lookup
CID-0:RT: routed (x_dst_ip 192.168.1.2) from LAN (ge-0/0/5.0 in 0) to ge-0/0/1.0, Next-hop:
172.16.32.1
CID-0:RT:flow_first_policy_searcH. policy search from zone LAN-> zone WAN
(0x0,0xda540050,0x50)
CID-0:RT:Policy lkup: vsys 0 zone(7:LAN) -> zone(6:WAN) scope:0
CID-0:RT: 10.0.0.2/55892 -> 192.168.1.2/80 proto 6
CID-0:RT:Policy lkup: vsys 0 zone(5:Unknown) -> zone(5:Unknown) scope:0
CID-0:RT: 10.0.0.2/55892 -> 192.168.1.2/80 proto 6
CID-0:RT: app 6, timeout 1800s, curr ageout 20s
CID-0:RT: packet dropped, denied by policy
CID-0:RT: denied by policy default-policy-00(2), dropping pkt
CID-0:RT: packet dropped, policy deny.
CID-0:RT: flow find session returns error.
CID-0:RT: —– flow_process_pkt rc 0x7 (fp rc -1)
CID-0:RT:jsf sess close notify
CID-0:RT:flow_ipv4_del_flow: sess , in hash 32

— Exhibit —
A host is not able to communicate with a Web server.
Based on the logs shown in the exhibit, what is the problem?

Refer to the Exhibit.

— Exhibit —
CID-0:RT: flow process pak fast ifl 71 in_ifp ge-0/0/5.0
CID-0:RT: ge-0/0/5.0:10.0.0.2/55892->192.168.1.2/80, tcp, flag 2 syn
CID-0:RT: find flow: table 0x5a386c90, hash 50728(0xffff), sa 10.0.0.2, da 192.168.1.2, sp 55892,
dp 80, proto 6, tok 7
CID-0:RT: no session found, start first path. in_tunnel – 0x0, from_cp_flag – 0
CID-0:RT: flow_first_create_session
CID-0:RT: flow_first_in_dst_nat: in <ge-0/0/5.0>, out <N/A> dst_adr 192.168.1.2, sp 55892, dp 80

CID-0:RT: chose interface ge-0/0/5.0 as incoming nat if.
CID-0:RT:flow_first_rule_dst_xlatE. DST no-xlatE. 0.0.0.0(0) to 192.168.1.2(80)
CID-0:RT:flow_first_routinG. vr_id 0, call flow_route_lookup(): src_ip 10.0.0.2, x_dst_ip
192.168.1.2, in ifp ge-0/0/5.0, out ifp N/A sp 55892, dp 80, ip_proto 6, tos 10
CID-0:RT:Doing DESTINATION addr route-lookup
CID-0:RT: routed (x_dst_ip 192.168.1.2) from LAN (ge-0/0/5.0 in 0) to ge-0/0/1.0, Next-hop:
172.16.32.1
CID-0:RT:flow_first_policy_searcH. policy search from zone LAN-> zone WAN
(0x0,0xda540050,0x50)
CID-0:RT:Policy lkup: vsys 0 zone(7:LAN) -> zone(6:WAN) scope:0
CID-0:RT: 10.0.0.2/55892 -> 192.168.1.2/80 proto 6
CID-0:RT:Policy lkup: vsys 0 zone(5:Unknown) -> zone(5:Unknown) scope:0
CID-0:RT: 10.0.0.2/55892 -> 192.168.1.2/80 proto 6
CID-0:RT: app 6, timeout 1800s, curr ageout 20s
CID-0:RT: packet dropped, denied by policy
CID-0:RT: denied by policy default-policy-00(2), dropping pkt
CID-0:RT: packet dropped, policy deny.
CID-0:RT: flow find session returns error.
CID-0:RT: —– flow_process_pkt rc 0x7 (fp rc -1)
CID-0:RT:jsf sess close notify
CID-0:RT:flow_ipv4_del_flow: sess , in hash 32

— Exhibit —
A host is not able to communicate with a Web server.
Based on the logs shown in the exhibit, what is the problem?

A.
A policy is denying the traffic between these two hosts.

B.
A session has not been created for this flow.

C.
A NAT policy is translating the address to a private address.

D.
The session table is running out of resources.

Explanation:



Leave a Reply 0

Your email address will not be published. Required fields are marked *