Could not open outbound connection?
Last modified on 9 Mar, 2021. Revision 4
"Could not open outbound connection?" message when using the Ping CLI command
| Up to date for | cOS Core 12.00.xx |
| Supported since | cOS Core 8.x |
| Status | OK |
| Author | Peter Nilsson |
Question:
When i perform a ping from the CLI console i get the following message : “Could not open outbound connection?” What is the reason for this?
Answer:
There are many of reasons for this, below is a list of both common and uncommon reasons.
- Failed to find a route to the destination IP
- Failed to find a route to the source IP
- The connection table is full (and conn-replace fails)
- Failed to acquire a new ICMP ID or source TCP/UDP port for NAT'ing
- UDP Src Port 0 is specified, but not allowed (by setting)
- Failed to acquire an IP from the NAT pool
- SLB fails to apply the configured policy
- Threshold rules does not allow a new connection at this stage
The first two, “Failed to find a route to dest/src IP” is the most common causes of this message.
Related articles
LogOpenFails and no_new_conn_for_this_packet log events.
23 Jun, 2021 core connections
23 Jun, 2021 core connections
Allowing Traceroute to and through cOS Core
23 Aug, 2022 core behaviour icmp ping traceroute
23 Aug, 2022 core behaviour icmp ping traceroute
What is a "zombie" connection?
24 Mar, 2021 core connections
24 Mar, 2021 core connections
Freeing up more memory in the Firewall
23 Aug, 2022 core connections ipsec memory
23 Aug, 2022 core connections ipsec memory