0 Replies Latest reply on Nov 21, 2019 6:57 AM by Pupetto

    SSH connection bypasses deny firewall rules when SYN Flood Protection is enabled (Edge 6.4.5)

    Pupetto Lurker

      Hello,
      after a DDoS attack I enabled SYN Flood Protection on all my NSX Edges, but suddenly I found out that the rule:

      Source: Any - Destination: VSE - Action: Deny

      was bypassed for the SSH protocol, and the port was reachable from the external network and so from the Internet.

      If I disable SYN Flood Protection, that rule starts working again.

      Any solution?

      Thank you