![]() If the following can be seen: flow_policy_nat_land 2 1 drop flow session Session setup: source NAT IP allocation result in LAND attack, make sure that the NAT policy is changed to specific source and destination zones.Make sure that pkt_recv and pkt_sent counters are incrementing to verify that the interface is passing the traffic.Start the packet capture and look at the counters using show counter global filter packet-filter yes delta yes I have intra zone traffic in the zone enabled and can confirm that I can reach the loopback address from a layer 3 hop, but its not working over a layer 2.I appreciate R2 has an interface on Eth 1/2 with ip address 172.28.38.1/24, but its on a separate router and different mask. R3 cant ping itself on 172.28.38.11/16 and I cant understand why. Set up Packet Capture bidirectional filters which include both the IP address of the firewall being pinged, and the IP address of the workstation from which the test is run. Hello Community, I have a problem that I simply cant understand - although Im sure there is simple explanation. It is also recommended that the unnumbered interface points to a loopback interface since loopbacks do not fail.If there is a deny all policy rule at the bottom, make sure there is a same zone policy configured allowing pings.Verify that the profile has the host IP allowed in the permitted addresses list. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |