UDP port 4500 sometime get blocked when allowed over bridge

Zyxel_Jeff

OK, thank you for your update. Let us check it.

PeterUK

So I was thinking the source port of the 4500 NATT gets changed by my 4G ISP EE on there CGNAT sometimes it 4500 most of the time its random could it be that when at a time that VPN300 does DNS on the same source port even when destination port and IP are different that it causes the NATT session over the bridge to fail?

PeterUK

And it gone again UDP 4500 not passing over the bridge😔

DPD: The remote address of [link_to_flex200_4G:link_to_flex200_4G] has been no response.

Tried clicking disconnect in monitor > VPN monitor >IPsec which didn't help

This is with ADP disabled now

Could the bridge be looking at the UDP4500 traffic flow and somehow go by info it can see like SA life time and getting it wrong and blocks the traffic?

Its now working all I did was disconnect in monitor > VPN monitor >IPsec and in monitor > traffic statistics > session monitor cleared the NATT session

PeterUK

Anyone?

EE have started to change IP more which means the session and port change to not make this happen as much but its just happened again.

My next theory is its to do with the LAG where by a session comes in on one port and is not expected to change to the other port which causes the bridged LAG not to forward the UDP 4500

so just a bridged with two ports without LAG might fix it?