connection to 188.134.103.xx:33810 traceoption log (connection refused)
Oct 5 19:34:17 19:34:17.184502:CID-0:RT:flow_first_rule_dst_xlate: DST xlate: 188.134.103.xx(33810) to 10.241.1.128(3389), rule/pool id 5/32773.
Oct 5 19:34:17 19:34:17.184502:CID-0:RT:flow_first_routing: vr_id 0, call flow_route_lookup(): src_ip 188.134.103.69, x_dst_ip 10.241.1.128, in ifp fe-0/0/0.0, out ifp N/A sp 49322, dp 33810, ip_proto 6, tos 0
Oct 5 19:34:17 19:34:17.184502:CID-0:RT:Doing DESTINATION addr route-lookup
Oct 5 19:34:17 19:34:17.184502:CID-0:RT: routed (x_dst_ip 10.241.1.128) from untrust (fe-0/0/0.0 in 0) to vlan.0, Next-hop: 10.241.1.128
Oct 5 19:34:17 19:34:17.184502:CID-0:RT: policy search from zone untrust-> zone trust (0x110,0xc0aa8412,0xd3d)
Oct 5 19:34:17 19:34:17.184502:CID-0:RT: app 0, timeout 1800s, curr ageout 20s
Oct 5 19:34:17 19:34:17.184502:CID-0:RT: packet dropped, denied by policy
Oct 5 19:34:17 19:34:17.184502:CID-0:RT: packet dropped, policy deny.
Oct 5 19:34:17 19:34:17.184502:CID-0:RT: flow find session returns error.
Oct 5 19:34:17 19:34:17.184502:CID-0:RT: ----- flow_process_pkt rc 0x7 (fp rc -1)
connection to 188.134.103.xx:3389 traceoption log (connection accepted)
Oct 5 19:36:46 19:36:45.998010:CID-0:RT:flow_first_rule_dst_xlate: DST xlate: 188.134.103.xx(3389) to 10.241.1.210(3389), rule/pool id 1/32769.
Oct 5 19:36:46 19:36:45.998010:CID-0:RT:flow_first_routing: vr_id 0, call flow_route_lookup(): src_ip 188.134.103.69, x_dst_ip 10.241.1.210, in ifp fe-0/0/0.0, out ifp N/A sp 49323, dp 3389, ip_proto 6, tos 0
Oct 5 19:36:46 19:36:45.998010:CID-0:RT:Doing DESTINATION addr route-lookup
Oct 5 19:36:46 19:36:45.998010:CID-0:RT: routed (x_dst_ip 10.241.1.210) from untrust (fe-0/0/0.0 in 0) to vlan.0, Next-hop: 10.241.1.210
Oct 5 19:36:46 19:36:45.998010:CID-0:RT: policy search from zone untrust-> zone trust (0x110,0xc0ab0d3d,0xd3d)
Oct 5 19:36:46 19:36:45.998010:CID-0:RT: policy has timeout 900
Oct 5 19:36:46 19:36:45.998010:CID-0:RT: app 0, timeout 1800s, curr ageout 20s
Oct 5 19:36:46 19:36:45.998010:CID-0:RT: packet passed, Permitted by policy.
WHY?!