Sikich recently ran into an issue whiling trying to transfer large amounts of data through a site-to-site VPN tunnel using two SonicWall firewalls. Each attempt would result in a TCP timeout at random times during the process. I proceeded to do a packet capture from the firewall, and the last error before the failure was the following:
DROPPED, Drop Code: 138(IDP detection OOO Exceeded Max), Module Id: 25(network)
As part of my normal troubleshooting process, I turned off all security services on both firewalls, and yet, the errors continued.
I called up SonicWall support, and they said this is a known issue with firmware version 6.5.1.1-42n. They told me two different ways to fix the issue.
- Apply HF204430-4n to the affected firewalls. Doing so will cause a reboot.
- If you can’t afford any down time, then disable DPI under the advanced section on the appropriate access rule.
Most businesses cannot afford any down time, and we were no exception. I attempted the second solution. I can thus confirm that disabling DPI in the access rule did work, but that said, I did not want to leave it disabled for long.
After I was able to complete the transfer, I applied the hot-fixes and all subsequent file transfers continued to work.
If your SonicWall firmware is running version 6.5.1.1-42n, take note of this known issue and how to properly troubleshoot it. Hopefully SonicWall will rectify this in their next firmware update.
Running into other IT issues? Contact the experts at Sikich to help with your technical support needs.
This publication contains general information only and Sikich is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or any other professional advice or services. This publication is not a substitute for such professional advice or services, nor should you use it as a basis for any decision, action or omission that may affect you or your business. Before making any decision, taking any action or omitting an action that may affect you or your business, you should consult a qualified professional advisor. In addition, this publication may contain certain content generated by an artificial intelligence (AI) language model. You acknowledge that Sikich shall not be responsible for any loss sustained by you or any person who relies on this publication.