SSG550(M)-> set ffilter dst-ip 146.147.28.46 filter added SSG550(M)-> set ffilter src-ip 10.154.8.125 filter added SSG550(M)-> SSG550(M)-> SSG550(M)-> SSG550(M)-> debug flow basic SSG550(M)-> undebug all SSG550(M)-> undebug all SSG550(M)-> get db stre stream show debug buffer stream SSG550(M)-> get db stream ****** packet decapsulated, type=ipsec, len=60****** ipid = 9709(25ed), @2d681910 tunnel.1:171.74.126.8/11675->146.147.28.46/1,1(8/0) no session found flow_first_sanity_check: in , out chose interface tunnel.1 as incoming nat if. flow_first_routing: in , out search route to (tunnel.1, 171.74.126.8->10.154.8.125) in vr trust-vr for vsd-0/flag-0/ifp-null cached route 6 for 10.154.8.125 [ Dest] 6.route 10.154.8.125->10.0.4.1, to ethernet3/3 routed (x_dst_ip 10.154.8.125) from tunnel.1 (tunnel.1 in 0) to ethernet3/3 policy search from zone 1-> zone 2 policy_flow_search policy search nat_crt from zone 1-> zone 10 RPC Mapping Table search returned 0 matched service(s) for (vsys Root, ip 146.147.28.46, port 8128, proto 1) No SW RPC rule match, search HW rule swrs_search_ip: policy matched id/idx/action = 17/17/0x9 Permitted by policy 17 No src xlate choose interface ethernet3/3 as outgoing phy if check nsrp pak fwd: in_tun=0x40000001, VSD 0 for out ifp ethernet3/3 no loop on ifp ethernet3/3. session application type 0, name None, nas_id 0, timeout 60sec service lookup identified service 0. flow_first_final_check: in , out existing vector list 25-b1cf2f4. Session (id:254821) created for first pak 25 flow_first_install_session======> route to 10.0.4.1 cached arp entry with MAC 001b17000111 for 10.0.4.1 arp entry found for 10.0.4.1 ifp2 ethernet3/3, out_ifp ethernet3/3, flag 00800800, tunnel ffffffff, rc 1 outgoing wing prepared, ready handle tunnel reverse route search route to (ethernet3/3, 10.154.8.125->171.74.126.8) in vr trust-vr for vsd-0/flag-3000/ifp-tunnel.1 cached route 27 for 171.74.126.8 [ Dest] 27.route 171.74.126.8->198.142.2.4, to tunnel.1 route to 198.142.2.4 going into tunnel. ifp2 tunnel.1, out_ifp tunnel.1, flag 00002801, tunnel 40000001, rc 1 flow got session. flow session id 254821 flow_main_body_vector in ifp tunnel.1 out ifp ethernet3/3 flow vector index 0x25, vector addr 0xb1cf2f4, orig vector 0xb1cf2f4 vsd 0 is active post addr xlation: 171.74.126.8->10.154.8.125. skipping pre-frag no more encapping needed packet send out to 001b17000111 through ethernet3/3 **** pak processing end. ****** 404432.0: packet received [60]****** ipid = 44809(af09), @2d781910 packet passed sanity check. flow_decap_vector IPv4 process ethernet3/3:10.154.8.125/1->171.74.126.8/11675,1(0/0) existing session found. sess token 3 flow got session. flow session id 254821 flow_main_body_vector in ifp ethernet3/3 out ifp N/A flow vector index 0x25, vector addr 0xb1cf2f4, orig vector 0xb1cf2f4 vsd 0 is active post addr xlation: 146.147.28.46->171.74.126.8. skipping pre-frag going into tunnel 40000001. flow_encrypt: pipeline. chip info: PIO. Tunnel id 00000001 (vn2) doing ESP encryption and size =64 ipsec encrypt prepare engine done ipsec encrypt set engine done ipsec auth done ipsec encrypt engine released ipsec encrypt done put packet(90aa620) into flush queue. remove packet(90aa620) out from flush queue. **** jump to packet:132.190.53.10->198.142.2.4 packet encapsulated, type=ipsec, len=120 ipid = 34626(8742), @2d7818e4 out encryption tunnel 40000001 gw:142.190.43.1 no more encapping needed send out through normal path. flow_ip_send: 8742:132.190.53.10->198.142.2.4,50 => ethernet3/0(120) flag 0x0, vlan 0 mac 00000c07acfa in session packet send out to 00000c07acfa through ethernet3/0 **** pak processing end. ****** packet decapsulated, type=ipsec, len=60****** ipid = 9710(25ee), @2d50c110 tunnel.1:171.74.126.8/11676->146.147.28.46/1,1(8/0) no session found flow_first_sanity_check: in , out chose interface tunnel.1 as incoming nat if. flow_first_routing: in , out search route to (tunnel.1, 171.74.126.8->10.154.8.125) in vr trust-vr for vsd-0/flag-0/ifp-null cached route 6 for 10.154.8.125 [ Dest] 6.route 10.154.8.125->10.0.4.1, to ethernet3/3 routed (x_dst_ip 10.154.8.125) from tunnel.1 (tunnel.1 in 0) to ethernet3/3 policy search from zone 1-> zone 2 policy_flow_search policy search nat_crt from zone 1-> zone 10 RPC Mapping Table search returned 0 matched service(s) for (vsys Root, ip 146.147.28.46, port 8127, proto 1) No SW RPC rule match, search HW rule swrs_search_ip: policy matched id/idx/action = 17/17/0x9 Permitted by policy 17 No src xlate choose interface ethernet3/3 as outgoing phy if check nsrp pak fwd: in_tun=0x40000001, VSD 0 for out ifp ethernet3/3 no loop on ifp ethernet3/3. session application type 0, name None, nas_id 0, timeout 60sec service lookup identified service 0. flow_first_final_check: in , out existing vector list 25-b1cf2f4. Session (id:252959) created for first pak 25 flow_first_install_session======> route to 10.0.4.1 cached arp entry with MAC 001b17000111 for 10.0.4.1 arp entry found for 10.0.4.1 ifp2 ethernet3/3, out_ifp ethernet3/3, flag 00800800, tunnel ffffffff, rc 1 outgoing wing prepared, ready handle tunnel reverse route search route to (ethernet3/3, 10.154.8.125->171.74.126.8) in vr trust-vr for vsd-0/flag-3000/ifp-tunnel.1 cached route 27 for 171.74.126.8 [ Dest] 27.route 171.74.126.8->198.142.2.4, to tunnel.1 route to 198.142.2.4 going into tunnel. ifp2 tunnel.1, out_ifp tunnel.1, flag 00002801, tunnel 40000001, rc 1 flow got session. flow session id 252959 flow_main_body_vector in ifp tunnel.1 out ifp ethernet3/3 flow vector index 0x25, vector addr 0xb1cf2f4, orig vector 0xb1cf2f4 vsd 0 is active post addr xlation: 171.74.126.8->10.154.8.125. skipping pre-frag no more encapping needed packet send out to 001b17000111 through ethernet3/3 **** pak processing end. ipsec auth done ipsec encrypt engine released ipsec encrypt done put packet(90aade0) into flush queue. remove packet(90aade0) out from flush queue. **** jump to packet:132.190.53.10->198.142.2.4 packet encapsulated, type=ipsec, len=1560 ipid = 34682(877a), @2d5738e4 out encryption tunnel 40000001 gw:142.190.43.1 no more encapping needed packet need to be fragged. ip len 1560, max_ip_len 1500, link_data_size: 1480 fragment generated, ip length is 84, pak_size is 84, 132.190.53.10->198.142.2.4 **** jump to packet:132.190.53.10->198.142.2.4 send out through normal path. flow_ip_send: 877a:132.190.53.10->198.142.2.4,50 => ethernet3/0(84) flag 0x0, vlan 0 mac 00000c07acfa in session packet send out to 00000c07acfa through ethernet3/0 **** pak processing end. fragment generated, last piece, ip length is 1496, pak_size is 1496, 132.190.53.10->198.142.2.4 send out through normal path. flow_ip_send: 877a:132.190.53.10->198.142.2.4,50 => ethernet3/0(1496) flag 0x0, vlan 0 mac 00000c07acfa in session packet send out to 00000c07acfa through ethernet3/0 **** pak processing end. ****** 404433.0: packet received [60]****** ipid = 44810(af0a), @2d615110 packet passed sanity check. flow_decap_vector IPv4 process ethernet3/3:10.154.8.125/1->171.74.126.8/11676,1(0/0) existing session found. sess token 3 flow got session. flow session id 252959 flow_main_body_vector in ifp ethernet3/3 out ifp N/A flow vector index 0x25, vector addr 0xb1cf2f4, orig vector 0xb1cf2f4 vsd 0 is active post addr xlation: 146.147.28.46->171.74.126.8. skipping pre-frag going into tunnel 40000001. flow_encrypt: pipeline. chip info: PIO. Tunnel id 00000001 (vn2) doing ESP encryption and size =64 ipsec encrypt prepare engine done ipsec encrypt set engine done ipsec auth done ipsec encrypt engine released ipsec encrypt done put packet(90a6df0) into flush queue. remove packet(90a6df0) out from flush queue. **** jump to packet:132.190.53.10->198.142.2.4 packet encapsulated, type=ipsec, len=120 ipid = 34699(878b), @2d6150e4 out encryption tunnel 40000001 gw:142.190.43.1 no more encapping needed send out through normal path. flow_ip_send: 878b:132.190.53.10->198.142.2.4,50 => ethernet3/0(120) flag 0x0, vlan 0 mac 00000c07acfa in session packet send out to 00000c07acfa through ethernet3/0 **** pak processing end. ****** packet decapsulated, type=ipsec, len=60****** ipid = 9711(25ef), @2d652910 tunnel.1:171.74.126.8/11677->146.147.28.46/1,1(8/0) no session found flow_first_sanity_check: in , out chose interface tunnel.1 as incoming nat if. flow_first_routing: in , out search route to (tunnel.1, 171.74.126.8->10.154.8.125) in vr trust-vr for vsd-0/flag-0/ifp-null cached route 6 for 10.154.8.125 [ Dest] 6.route 10.154.8.125->10.0.4.1, to ethernet3/3 routed (x_dst_ip 10.154.8.125) from tunnel.1 (tunnel.1 in 0) to ethernet3/3 policy search from zone 1-> zone 2 policy_flow_search policy search nat_crt from zone 1-> zone 10 RPC Mapping Table search returned 0 matched service(s) for (vsys Root, ip 146.147.28.46, port 8126, proto 1) No SW RPC rule match, search HW rule swrs_search_ip: policy matched id/idx/action = 17/17/0x9 Permitted by policy 17 No src xlate choose interface ethernet3/3 as outgoing phy if check nsrp pak fwd: in_tun=0x40000001, VSD 0 for out ifp ethernet3/3 no loop on ifp ethernet3/3. session application type 0, name None, nas_id 0, timeout 60sec service lookup identified service 0. flow_first_final_check: in , out existing vector list 25-b1cf2f4. Session (id:253915) created for first pak 25 flow_first_install_session======> route to 10.0.4.1 cached arp entry with MAC 001b17000111 for 10.0.4.1 arp entry found for 10.0.4.1 ifp2 ethernet3/3, out_ifp ethernet3/3, flag 00800800, tunnel ffffffff, rc 1 outgoing wing prepared, ready handle tunnel reverse route search route to (ethernet3/3, 10.154.8.125->171.74.126.8) in vr trust-vr for vsd-0/flag-3000/ifp-tunnel.1 cached route 27 for 171.74.126.8 [ Dest] 27.route 171.74.126.8->198.142.2.4, to tunnel.1 route to 198.142.2.4 going into tunnel. ifp2 tunnel.1, out_ifp tunnel.1, flag 00002801, tunnel 40000001, rc 1 flow got session. flow session id 253915 flow_main_body_vector in ifp tunnel.1 out ifp ethernet3/3 flow vector index 0x25, vector addr 0xb1cf2f4, orig vector 0xb1cf2f4 vsd 0 is active post addr xlation: 171.74.126.8->10.154.8.125. skipping pre-frag no more encapping needed packet send out to 001b17000111 through ethernet3/3 **** pak processing end. ****** 404434.0: packet received [60]****** ipid = 44811(af0b), @2d72c910 packet passed sanity check. flow_decap_vector IPv4 process ethernet3/3:10.154.8.125/1->171.74.126.8/11677,1(0/0) existing session found. sess token 3 flow got session. flow session id 253915 flow_main_body_vector in ifp ethernet3/3 out ifp N/A flow vector index 0x25, vector addr 0xb1cf2f4, orig vector 0xb1cf2f4 vsd 0 is active post addr xlation: 146.147.28.46->171.74.126.8. skipping pre-frag going into tunnel 40000001. flow_encrypt: pipeline. chip info: PIO. Tunnel id 00000001 (vn2) doing ESP encryption and size =64 ipsec encrypt prepare engine done ipsec encrypt set engine done ipsec auth done ipsec encrypt engine released ipsec encrypt done put packet(90a8150) into flush queue. remove packet(90a8150) out from flush queue. **** jump to packet:132.190.53.10->198.142.2.4 packet encapsulated, type=ipsec, len=120 ipid = 34843(881b), @2d72c8e4 out encryption tunnel 40000001 gw:142.190.43.1 no more encapping needed send out through normal path. flow_ip_send: 881b:132.190.53.10->198.142.2.4,50 => ethernet3/0(120) flag 0x0, vlan 0 mac 00000c07acfa in session packet send out to 00000c07acfa through ethernet3/0 **** pak processing end. ****** packet decapsulated, type=ipsec, len=60****** ipid = 9712(25f0), @2d68c110 tunnel.1:171.74.126.8/11678->146.147.28.46/1,1(8/0) no session found flow_first_sanity_check: in , out chose interface tunnel.1 as incoming nat if. flow_first_routing: in , out search route to (tunnel.1, 171.74.126.8->10.154.8.125) in vr trust-vr for vsd-0/flag-0/ifp-null cached route 6 for 10.154.8.125 [ Dest] 6.route 10.154.8.125->10.0.4.1, to ethernet3/3 routed (x_dst_ip 10.154.8.125) from tunnel.1 (tunnel.1 in 0) to ethernet3/3 policy search from zone 1-> zone 2 policy_flow_search policy search nat_crt from zone 1-> zone 10 RPC Mapping Table search returned 0 matched service(s) for (vsys Root, ip 146.147.28.46, port 8125, proto 1) No SW RPC rule match, search HW rule swrs_search_ip: policy matched id/idx/action = 17/17/0x9 Permitted by policy 17 No src xlate choose interface ethernet3/3 as outgoing phy if check nsrp pak fwd: in_tun=0x40000001, VSD 0 for out ifp ethernet3/3 no loop on ifp ethernet3/3. session application type 0, name None, nas_id 0, timeout 60sec service lookup identified service 0. flow_first_final_check: in , out existing vector list 25-b1cf2f4. Session (id:251720) created for first pak 25 flow_first_install_session======> route to 10.0.4.1 cached arp entry with MAC 001b17000111 for 10.0.4.1 arp entry found for 10.0.4.1 ifp2 ethernet3/3, out_ifp ethernet3/3, flag 00800800, tunnel ffffffff, rc 1 outgoing wing prepared, ready handle tunnel reverse route search route to (ethernet3/3, 10.154.8.125->171.74.126.8) in vr trust-vr for vsd-0/flag-3000/ifp-tunnel.1 cached route 27 for 171.74.126.8 [ Dest] 27.route 171.74.126.8->198.142.2.4, to tunnel.1 route to 198.142.2.4 going into tunnel. ifp2 tunnel.1, out_ifp tunnel.1, flag 00002801, tunnel 40000001, rc 1 flow got session. flow session id 251720 flow_main_body_vector in ifp tunnel.1 out ifp ethernet3/3 flow vector index 0x25, vector addr 0xb1cf2f4, orig vector 0xb1cf2f4 vsd 0 is active post addr xlation: 171.74.126.8->10.154.8.125. skipping pre-frag no more encapping needed packet send out to 001b17000111 through ethernet3/3 **** pak processing end. ****** 404435.0: packet received [60]****** ipid = 44812(af0c), @2d681110 packet passed sanity check. flow_decap_vector IPv4 process ethernet3/3:10.154.8.125/1->171.74.126.8/11678,1(0/0) existing session found. sess token 3 flow got session. flow session id 251720 flow_main_body_vector in ifp ethernet3/3 out ifp N/A flow vector index 0x25, vector addr 0xb1cf2f4, orig vector 0xb1cf2f4 vsd 0 is active post addr xlation: 146.147.28.46->171.74.126.8. skipping pre-frag going into tunnel 40000001. flow_encrypt: pipeline. chip info: PIO. Tunnel id 00000001 (vn2) doing ESP encryption and size =64 ipsec encrypt prepare engine done ipsec encrypt set engine done ipsec auth done ipsec encrypt engine released ipsec encrypt done put packet(90a9a80) into flush queue. remove packet(90a9a80) out from flush queue. **** jump to packet:132.190.53.10->198.142.2.4 packet encapsulated, type=ipsec, len=120 ipid = 34960(8890), @2d6810e4 out encryption tunnel 40000001 gw:142.190.43.1 no more encapping needed send out through normal path. flow_ip_send: 8890:132.190.53.10->198.142.2.4,50 => ethernet3/0(120) flag 0x0, vlan 0 mac 00000c07acfa in session packet send out to 00000c07acfa through ethernet3/0 **** pak processing end. SSG550(M)->