Operational Defect Database
BugZero found this defect 1943 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3SlSAI
False log message when TCP SYN checking disabled: All gateways in SDWAN action are down
Last update date:
1/23/2019
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
12.x
12.3.x
Fixed releases:
All
Description:
Issue
If you have cleared the Enable TCP SYN packet and connection state verification check box on your Firebox, connections that use an SD-WAN action could generate incorrect log messages that include all gateways in SDWAN action are down, drop this packet. These log messages occur when the Firebox receives packets that are part of a connection that is already closed, often a FIN or RST packet that would tell the client to close the connection. These log messages do not indicate a failure in Firebox functionality.
Workaround/Solution
This issue does not occur if you select the Enable TCP SYN packet and connection state verification check box. To learn more about this option, see Define Firebox Global Settings.
