12/20/2019 178 People found this article helpful 462,124 Views
Running a packet capture is showing a dropped packet as below:
Drop Code: Connection Cache Add Failed (or any type of Cache drop packet)
This can happen when one side of a TCP connection either ends (FIN) the connection or resets it (RST).The SonicWall keeps track of the state of the TCP connection and once it sees either of these two packets, it closes the socket.All subsequent packets sent on the same socket will be dropped because they are invalid (they reference a connection that no longer exists).
In a Site to Site VPN context, to avoid these types of dropped packets it's strongly recommended to use Public IP addresses on the WAN interfaces of both sides of the VPN.
Indeed a double NAT in some network environments can cause issues with the packet transmission and as a consequence drops packets.