Imperva Cyber Community

Expand all | Collapse all

Thoughts on why no packets?

Jump to Best Answer
  • 1.  Thoughts on why no packets?

    Posted 03-02-2021 12:42
      |   view attached
    Hello community,
    Do you have any thoughts or advice about where in the network I should look to troubleshoot a problem based on the following information.  To provide additional information a network diagram is attached.

    I logged into the CLI on the gateway WAF and ran these commands.
    tcpdump -nnpi eth2 dst
    tcpdump -nnpi eth2 dst

    The output from the packet capture of show lots and lots of packets.  This makes sense as this is a web site that is working and has been working for several years.

    The output from the packet capture of shows
    0 packets captured
    This is a new web site we are implementing and haven't been able to access.  I was capturing packets on eth2 which is the side of the gateway WAF that faces the firewall.  Since there were no packets coming in does it seem like there is a problem at the firewall?



  • 2.  RE: Thoughts on why no packets?
    Best Answer

    Imperva Employee
    Posted 03-04-2021 05:28
    Hi Fred,

    It looks like you are running in Bridge mode, is that correct?

    If you are not seeing any packets destined for at all, then the issue will be at your firewall, potentially with the NAT setup there.
    In Bridge mode, the WAF is essentially acting as a very smart ethernet cable, and if no packets are seen on the ingress/client interface (eth2), it means the FW is not sending them through the GW.

    Stefan Pynappels
    Escalation Engineer