UDP port 4500 sometime get blocked when allowed over bridge

2»

All Replies

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,251  Zyxel Employee
    100 Answers 500 Comments Friend Collector Fourth Anniversary

    OK, thank you for your update. Let us check it.


    See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited March 24

    So I was thinking the source port of the 4500 NATT gets changed by my 4G ISP EE on there CGNAT sometimes it 4500 most of the time its random could it be that when at a time that VPN300 does DNS on the same source port even when destination port and IP are different that it causes the NATT session over the bridge to fail?

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited March 26

    And it gone again UDP 4500 not passing over the bridge😔

    DPD: The remote address of [link_to_flex200_4G:link_to_flex200_4G] has been no response.

    Tried clicking disconnect in monitor > VPN monitor >IPsec which didn't help

    This is with ADP disabled now

    Could the bridge be looking at the UDP4500 traffic flow and somehow go by info it can see like SA life time and getting it wrong and blocks the traffic?

    Its now working all I did was disconnect in monitor > VPN monitor >IPsec and in monitor > traffic statistics > session monitor cleared the NATT session

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited May 16

    Anyone?

    EE have started to change IP more which means the session and port change to not make this happen as much but its just happened again.

    My next theory is its to do with the LAG where by a session comes in on one port and is not expected to change to the other port which causes the bridged LAG not to forward the UDP 4500

    so just a bridged with two ports without LAG might fix it?

Security Highlight