At (about) the time of internet access blockage, the output is something like this:ġ0.65.15.11-8 > 1.1.1.1-0 1 AS 1 I 3 Got start of flow event from hardware with flags C0000001ġ0.65.15.11-8 > 1.1.1.1-0 1 AS 1 I 3 Got end of flow event from hardware with flags C0000001 However, as far as the output itself is concerned, i haven't been able to extract something useful.everything seems OK. This is very useful, if there were lots of connections it would be more difficult! Given the fact that i only have 1-2 hosts in the inside network (yet), i have the feeling that the "system support firewall-engine-debug" command output is quite close to real time. Is there some more specific action i should take to prevent this temporary blocking? i have also added the other more specific rule mentioned above without significant improvement. BTW i have also used "trust" instead of "allow" without effect. the security policy consists only of one default rule (all traffic from inside to outside is allowed). only 2 interfaces and zones used (incoming & outgoing) NGFWv latest edition on vsphere (ESXi) 6.5 Seems as if the firewall treats the traffic as some kind of attack. the situation got better but the result was the same: after upload finishes all internet traffic is blocked. later on i added a specific rule to trust speedtest and speedtest upload applications. at first the download speed decreased gradually and thereafter all internet traffic was blocked for some minutes.Ģ. As the subject implies, whenever i perform an ookla speedtest ( ) on any host of my internal network, the following situations occur:ġ.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |