UDP port 4500 sometime get blocked when allowed over bridge
All Replies
-
OK, thank you for your update. Let us check it.
0 -
So I was thinking the source port of the 4500 NATT gets changed by my 4G ISP EE on there CGNAT sometimes it 4500 most of the time its random could it be that when at a time that VPN300 does DNS on the same source port even when destination port and IP are different that it causes the NATT session over the bridge to fail?
0 -
And it gone again UDP 4500 not passing over the bridge😔
DPD: The remote address of [link_to_flex200_4G:link_to_flex200_4G] has been no response.
Tried clicking disconnect in monitor > VPN monitor >IPsec which didn't help
This is with ADP disabled now
Could the bridge be looking at the UDP4500 traffic flow and somehow go by info it can see like SA life time and getting it wrong and blocks the traffic?
Its now working all I did was disconnect in monitor > VPN monitor >IPsec and in monitor > traffic statistics > session monitor cleared the NATT session
0 -
Anyone?
EE have started to change IP more which means the session and port change to not make this happen as much but its just happened again.
My next theory is its to do with the LAG where by a session comes in on one port and is not expected to change to the other port which causes the bridged LAG not to forward the UDP 4500
so just a bridged with two ports without LAG might fix it?
0
Zyxel Employee
Guru Member
Categories
- All Categories
- 398 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 83 Nebula Status and Incidents
- 5.2K Security
- 99 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 923 WirelessLAN
- 35 WLAN Ideas
- 5.9K Consumer Product
- 212 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2.1K FAQ
- 1K Nebula FAQ
- 445 Security FAQ
- 238 Switch FAQ
- 213 WirelessLAN FAQ
- 47 Consumer Product FAQ
- 142 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight
