FastTrack problems

Hi

I just did some tests with FastTrack. Some info about my test setup:

  • There is an IPsec from (monitoring subnet)/29 to (second datacenter subnet)/28
    → As both networks use public addresses, there is no “accept” NAT rule.
  • There is an IPsec from (monitoring subnet)/29 to 10.64.107.0/24
    → As the remote subnet is addressed with RFC1918, there’s a srcnat accept rule.

Now to the problem:
If I enable the FastTrack rule in the forwarding chain, in case 1, no more TCP connections are working (I see some SYN ACK, but there’s no traffic flowing through). UDP is broken too. If I do an snmpwalk, only the first part (like 1 or 2 OIDs) will be transmitted. After that, there’s a timeout.

If I do the same with case 2 (NATed IPs), everything works fine.

Can anyone give me a hint as to what the problem could be?

Regards
Patrick