Hi all,
when I adding fasttrack to firewall rules, other rules cannot working. is any idea to fix ?
thanks
The very reason why fasttracking is fast is that it bypasses a lot of packet processing stages, including many in the firewall.
So your only remedy is to prevent from being fasttracked all connections for which you need other firewall rules to continue working after these connections get established, and allow only the rest (if any rest actually exists) to be fasttracked. The details depend on your particular configuration.
Thanks for answer.
is any example for rules that’s working with fast track?
Thanks
Sent from my C6833 using Tapatalk
Wrong question. Some connections do work with fasttrack because they don’t need any of (packet or route marking, ipsec policy matching). Any connection which relies on any of these packet processing steps must not be fasttracked.