ip inspect problem, dropping important connections on 887VAMG router

firestormnet — Mon, 11 Mar 2019 22:38:37 GMT

Hi All.

I've got a problem on 887VAMG router. It drops important connections. As customer wants to have a firewall I created ACL and ip inspect rules ,but the router drops their connections to cloud and some websites are not opening. So I removed ACL and most ip inspect rules just to test if it effects that. And left only ip inspect http urlfilter. But still they have those problems, so I'm really stuck how to configure that firewall.

I'll be highly appretiated for any help.

The below some dropping connection review:

%FW-6-DROP_PKT: Dropping tcp session due to RST inside current window with ip ident 13968 tcpflags 0x5014 seq.no 1629693318 ack 1687676045

000049: Mar 6 11:49:21.324: %FW-6-DROP_PKT: Dropping http session <ip>:1766 69.171.242.12:80 with ip ident 26247 tcpflags 0x5018 seq.no 264144210 ack 642133125

000050: Mar 6 11:50:00.774: %FW-6-DROP_PKT: Dropping http session <ip>:4708 69.171.242.12:80 with ip ident 2425 tcpflags 0x5018 seq.no 3819869211 ack 1862176018

000051: Mar 6 11:50:52.515: %FW-6-DROP_PKT: Dropping http session <ip>:2599 173.194.34.90:80 due to RST inside current window with ip ident 22909 tcpflags 0x5014 seq.no 899975979 ack 92642430

000052: Mar 6 11:51:24.013: %FW-6-DROP_PKT: Dropping http session <ip>:4765 194.106.151.77:80 due to RST inside current window with ip ident 4118 tcpflags 0x5014 seq.no 3161679649 ack 1450263460

068974: Mar 6 05:10:14.676: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:1530 due to RST inside current window with ip ident 8954 tcpflags 0x5014 seq.no 2056370527 ack 2999433041

068975: Mar 6 05:35:48.385: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:1882 due to Stray Segment with ip ident 27148 tcpflags 0x5010 seq.no 939083425 ack 724203821

068976: Mar 6 05:36:21.734: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:4919 due to Stray Segment with ip ident 2945 tcpflags 0x5010 seq.no 704890853 ack 370246242

068977: Mar 6 06:29:14.628: %FW-6-DROP_PKT: Dropping http session <ip>:1214 66.101.6.51:80 due to Invalid Segment with ip ident 26797 tcpflags 0x7002 seq.no 2896034509 ack 0

068978: Mar 6 06:32:51.923: %FW-6-DROP_PKT: Dropping http session 66.101.6.51:80 <ip>:1653 due to SYN inside current window

Dropping http session due to RST inside current window with ip.

Dropping http session due to Stray Segment with ip.

These 2 are most of all. Why do they drop sessions? What do they mean?

Thanks.

ip inspect problem, dropping important connections on 887VAMG ro

firestormnet — Wed, 14 Mar 2012 22:17:32 GMT

I removed a firewall, ip inspecting and ACLs, but there is some delays for web browsing and slow internet connection.This model of router C887VAMG was introduced just in January, so I'm wonder if there are some bugs in firmware.

Why is this router is not capable to do inspection and firewalling? It shouldn't really drop the performance so high.

topic ip inspect problem, dropping important connections on 887VAMG ro in Network Security

ip inspect problem, dropping important connections on 887VAMG router

ip inspect problem, dropping important connections on 887VAMG ro