I am using Cloud Security in a load balanced environment and see InvalidState packets


This article explains how to best configure Cloud Security when running in a load balanced environment where 'InvalidState' packets are observed.



  • 5nine Cloud Security



InvalidState means these packets may be coming back from a different system to the one where the initial connection was made to. Because of this Stateful Packet Inspection (SPI) doesn’t recognize it.

This can happen in case you use load balancers for this system. To let this traffic come through, you would need to bypass SPI table by using AllowNoSPI rule. This option can be found in the Action drop down when adding a rule:


Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.