UDP Traffic on Locally managed SMB appliances is dropped due to "Violated Unidirectional Connection"

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk111759
Technical Level
Product	Quantum Spark Appliances
Version	R77.20 (EOL), R80.20.x, R81.10.x
OS	Gaia Embedded
Platform / Model	600, 700, 900, 1100, 1400, 1200R, 1500, 1600, 1800
Date Created	09-Jun-2016
Last Modified	24-Jul-2022

Symptoms

UDP Traffic on Locally managed SMB appliances is dropped due to "Violated Unidirectional Connection".
The issue can also happen when using internal NTP server (UDP/123) and get queries from external zone. The Answer from the server is being dropped due to "Violated Unidirectional Connection".

Cause

The VPN User is trying to authenticate with an internal server on the LAN. The Authentication is sent in UDP. The Check Point appliance does not allow replies to UDP packet (This is by Default).

When a UDP connection reaches the Security Gateway, it marks it in its Connections Table to allow traffic to pass in one direction only. If a UDP connection uses a two way (bi-directional) communication, this would create a violation and the Security Gateway will drop the connection for reason: "Violated Unidirectional Connection".

Also, UDP traffic may be dropped when the source port is reused.

Solution

Note: To view this solution you need to Sign In .