cancel
Showing results for 
Search instead for 
Did you mean: 

IP Firewall Policy - proto 17 is invalidated

IP Firewall Policy - proto 17 is invalidated

MI
New Contributor III
Hello,

we have enabled an IP Firewall Policy on one of our SSIDs. In our AP logs we have many entries like the one below (I've replaced the sensitive data):

Jan 6 11:09:06 <ap name> kernel: [fe]: IP session (id 394) <client ip>/49331 -> <dns server>/53, proto 17 is invalidated, reason ageout, lifetime 0 min 59 sec, user-name <user profile name>, hostname N/A -> user-name N/A, hostname N/A

What do they mean?

Thank you in advance.

Kind regards

MI
1 REPLY 1

ChrisS2
Extreme Employee

Hello,

These are normal messages, it is the AP purging an IP session after the inactive timeout value (59 seconds) was reached. Very similar to how a traditional firewall appliance handles IP sessions.

Thanks,
Chris

GTM-P2G8KFN