Support Center > Search Results > SecureKnowledge Details
Packets are not routed correctly when PBR is configured and SecureXL is enabled
Symptoms
  • Packets are not routed correctly when PBR is configured and SecureXL is enabled.

  • Disabling SecureXL resolves the issue.

  • FW Monitor during the issue shows that the same packets appear to be entering on different interfaces (routing loop occurs).

    Example:

    [vs_0][fw_0] Lan2:i[60]: 192.168.139.12 -> 172.30.96.5 (TCP) len=60 id=60400
    TCP: 23 -> 4947 .S..A. seq=201bd9d9 ack=39cd7bba
    [vs_0][fw_0] Lan2:I[60]: 192.168.139.12 -> 172.30.96.5 (TCP) len=60 id=60400
    TCP: 23 -> 4947 .S..A. seq=201bd9d9 ack=39cd7bba
    [vs_0][fw_0] Lan4:i[60]: 192.168.139.12 -> 172.30.96.5 (TCP) len=60 id=60401
    TCP: 23 -> 4947 .S..A. seq=201bd9d9 ack=39cd7bba
    [vs_0][fw_0] Lan4:I[60]: 192.168.139.12 -> 172.30.96.5 (TCP) len=60 id=60401
    TCP: 23 -> 4947 .S..A. seq=201bd9d9 ack=39cd7bba
    [vs_0][fw_0] Lan3:o[60]: 192.168.139.12 -> 172.30.96.5 (TCP) len=60 id=60401
    TCP: 23 -> 4947 .S..A. seq=201bd9d9 ack=39cd7bba
    [vs_0][fw_0] Lan3:O[60]: 192.168.139.12 -> 172.30.96.5 (TCP) len=60 id=60401
    TCP: 23 -> 4947 .S..A. seq=201bd9d9 ack=39cd7bba
    
Cause

SecureXL SIM device incorrectly calculate the route for packets if PBR is configured.


Solution
Note: To view this solution you need to Sign In .