RV042 Policy Violation troubleshooting

cdelagarde
Level 1

Hi, I'm new here and I came because of an odd problem I'm having problems troubleshooting.

Here is the setup. I have two sites connected using two RV042 on SDSL connections. From one site, someone accesses the other using a third party light client software. Some of the functionalities are filtered by the router on their site.

RV042 is running a v4.0.4.02-tm firmware. As it is in production on a non-stoppable site, I am not able to do modifications on the configuration to test solutions. I have searched a little bit through the web and found some things, which usually do not apply to this problem.

It's occurring on a special command, so I am thinking of a difference in the behavior of the third party software, but as there is no more support for this one, it is necessary to find a way to make it work, somehow. I forgot, it is occurring on any computer on this site.

We already encountered the "Connection Refused - Policy Violation" error, and to prevent it from occurring, added rules to the firewall to authorize all traffic between the two sites. It solved the problem on that occasion, but now the rules are covering the problem and should authorize the communication.

How can I find the root cause of this problem, and determine a sure (or at least worth stopping the site) solution to correct it?

We have a syslog surveillance on these routers, so I have here a snapshot of the problem occurring:

   RV042-B     2012-10-18 09:35:54     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=51 TOS=0x00 PREC=0x00 TTL=127 ID=57094 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63631 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-A     2012-10-18 09:35:54     #warn<4> Connection Accepted: IN=ppp2 OUT=eth0 SRC=10.1.82.111 DST=10.1.78.3 LEN=52 TOS=0x00 PREC=0x00 TTL=126 ID=57089 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63637 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-B     2012-10-18 09:35:54     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=57081 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63671 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-B     2012-10-18 09:35:54     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=50 TOS=0x00 PREC=0x00 TTL=127 ID=57070 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63736 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-A     2012-10-18 09:35:54     #warn<4> Connection Accepted: IN=ppp2 OUT=eth0 SRC=10.1.82.111 DST=10.1.78.3 LEN=52 TOS=0x00 PREC=0x00 TTL=126 ID=57066 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63736 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-B     2012-10-18 09:35:53     #warn<4> Connection Refused - Policy violation: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=57056 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63777 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-A     2012-10-18 09:35:53     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.78.3 DST=10.1.82.111 LEN=55 TOS=0x00 PREC=0x00 TTL=127 ID=6390 DF PROTO=TCP SPT=2598 DPT=3127 WINDOW=64466 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-B     2012-10-18 09:35:53     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=53 TOS=0x00 PREC=0x00 TTL=127 ID=57048 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63783 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-A     2012-10-18 09:35:53     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.78.3 DST=10.1.82.111 LEN=53 TOS=0x00 PREC=0x00 TTL=127 ID=6372 DF PROTO=TCP SPT=2598 DPT=3127 WINDOW=63136 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-B     2012-10-18 09:35:53     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=57047 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63796 RES=0x00 ACK URGP=0     Kern     Alert

    RV042-A     2012-10-18 09:35:53     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.78.3 DST=10.1.82.111 LEN=98 TOS=0x00 PREC=0x00 TTL=127 ID=6366 DF PROTO=TCP SPT=2598 DPT=3127 WINDOW=63136 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-A     2012-10-18 09:35:53     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.78.3 DST=10.1.82.111 LEN=46 TOS=0x00 PREC=0x00 TTL=127 ID=6363 DF PROTO=TCP SPT=2598 DPT=3127 WINDOW=63136 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-B     2012-10-18 09:35:53     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=57045 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63912 RES=0x00 ACK URGP=0     Kern     Alert

    RV042-A     2012-10-18 09:35:53     #warn<4> Connection Accepted: IN=ppp2 OUT=eth0 SRC=10.1.82.111 DST=10.1.78.3 LEN=52 TOS=0x00 PREC=0x00 TTL=126 ID=57040 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63918 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-B     2012-10-18 09:35:53     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=51 TOS=0x00 PREC=0x00 TTL=127 ID=57041 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63918 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-B     2012-10-18 09:35:52     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=53 TOS=0x00 PREC=0x00 TTL=127 ID=57030 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63947 RES=0x00 ACK PSH URGP=0     Kern     Alert

    RV042-B     2012-10-18 09:35:52     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=51 TOS=0x00 PREC=0x00 TTL=127 ID=57022 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=64133 RES=0x00 ACK PSH URGP=0     Kern     Alert

I also drop here some configuration info:

Firewall rules authorize all traffic between sites

Permanent VPN between sites running on two SDSL connections (one per site)

Site A (10.1.78.0/24) has the server and RV042-A

Site B (10.1.82.0/24) has the clients and RV042-B

Any help will be appreciated. Thanks a lot in advance.
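One way to triage a snapshot like the one above, as an added example that is not part of the original post: parse each RV042 syslog line, then for every refused packet list the accepted packets on the same router and flow whose logged LEN and flags are identical, and any other router that logged the same IP ID. The function names are hypothetical and the sample is five lines copied from the post; a non-empty twin list means the logged header fields alone do not distinguish the refused packet.

```python
import re

# Sample input: five lines copied from the syslog snapshot in the post.
SAMPLE = """\
RV042-B     2012-10-18 09:35:54     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=57081 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63671 RES=0x00 ACK PSH URGP=0     Kern     Alert
RV042-A     2012-10-18 09:35:54     #warn<4> Connection Accepted: IN=ppp2 OUT=eth0 SRC=10.1.82.111 DST=10.1.78.3 LEN=52 TOS=0x00 PREC=0x00 TTL=126 ID=57066 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63736 RES=0x00 ACK PSH URGP=0     Kern     Alert
RV042-B     2012-10-18 09:35:53     #warn<4> Connection Refused - Policy violation: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=57056 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63777 RES=0x00 ACK PSH URGP=0     Kern     Alert
RV042-B     2012-10-18 09:35:53     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=53 TOS=0x00 PREC=0x00 TTL=127 ID=57048 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63783 RES=0x00 ACK PSH URGP=0     Kern     Alert
RV042-B     2012-10-18 09:35:53     #warn<4> Connection Accepted: IN=eth0 OUT=ppp2 SRC=10.1.82.111 DST=10.1.78.3 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=57047 DF PROTO=TCP SPT=3127 DPT=2598 WINDOW=63796 RES=0x00 ACK URGP=0     Kern     Alert
""".splitlines()

LINE_RE = re.compile(
    r"^\s*(?P<router>\S+)\s+(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\s+#\w+<\d+>\s+"
    r"(?P<verdict>Connection [^:]+):\s+(?P<fields>.*?)\s+Kern\s+Alert\s*$")

def parse(line):
    """Split one line into router, timestamp, verdict, KEY=value fields and bare flags."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = {"router": m["router"], "ts": m["ts"], "verdict": m["verdict"]}
    flags = []
    for tok in m["fields"].split():
        key, sep, val = tok.partition("=")
        if sep:
            rec[key] = val
        else:
            flags.append(tok)          # DF, ACK, PSH, ... have no "=value" part
    rec["flags"] = tuple(flags)
    return rec

def flow(r):
    return (r["router"], r["IN"], r["OUT"], r["SRC"], r["SPT"], r["DST"], r["DPT"])

def explain_refusals(lines):
    """Report each refused packet with its accepted look-alikes and cross-router sightings."""
    recs = [r for r in map(parse, lines) if r]
    report = []
    for bad in (r for r in recs if r["verdict"].startswith("Connection Refused")):
        twins = [r["ID"] for r in recs if r["verdict"] == "Connection Accepted"
                 and flow(r) == flow(bad)
                 and (r["LEN"], r["flags"]) == (bad["LEN"], bad["flags"])]
        peers = sorted({r["router"] for r in recs if r["router"] != bad["router"]
                        and (r["SRC"], r["ID"]) == (bad["SRC"], bad["ID"])})
        report.append({"router": bad["router"], "ts": bad["ts"], "id": bad["ID"],
                       "accepted_twins": twins, "seen_on": peers})
    return report

if __name__ == "__main__":
    print(explain_refusals(SAMPLE))
```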
