Could not open outbound connection?

Last modified on 9 Mar, 2021. Revision 4
"Could not open outbound connection?" message when using the Ping CLI command
Up to date for
cOS Core 12.00.xx
Supported since
cOS Core 8.x
Status OK
Author
Peter Nilsson

Question:

When i perform a ping from the CLI console i get the following message : “Could not open outbound connection?” What is the reason for this?

Answer:

There are many of reasons for this, below is a list of both common and uncommon reasons.

  • Failed to find a route to the destination IP
  • Failed to find a route to the source IP
  • The connection table is full (and conn-replace fails)
  • Failed to acquire a new ICMP ID or source TCP/UDP port for NAT'ing
  • UDP Src Port 0 is specified, but not allowed (by setting)
  • Failed to acquire an IP from the NAT pool
  • SLB fails to apply the configured policy
  • Threshold rules does not allow a new connection at this stage

The first two, “Failed to find a route to dest/src IP” is the most common causes of this message.

Related articles

Using Stateless IP Policies in cOS Core
4 Apr, 2023 core stateless connections
Allowing Traceroute to and through cOS Core
23 Aug, 2022 core behaviour icmp ping traceroute
What is a "zombie" connection?
24 Mar, 2021 core connections
Troubleshooting cOS Core rules/routes with ping simulation
17 Mar, 2023 core routing rules ping icmp cli
Freeing up more memory in the Firewall
23 Aug, 2022 core connections ipsec memory