Traffic is originating from a VS (virtual system) with the VSX internal communication address

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk101448
Technical Level
Product	VSX
Version	All
OS	Gaia
Platform / Model	All
Date Created	08-Jul-2014
Last Modified	01-Sep-2022

Symptoms

Connections that are originating from a Virtual System are using a Source IP address of the VSX internal communication network.
By design, these IP addresses should not be seen on the internal network.

Cause

A manual "no-NAT" rule or a change to no_hide_services_ports in the table.def is blocking the required NAT.

In VSX, all interfaces in a Virtual System are assigned an IP address from the VSX Internal Communication Network (192.168.196.0/24). Special NAT is performed by the kernel using the configured addresses from the topology table.

Solution

Note: To view this solution you need to Sign In .