Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] Debug shows "packet dropped, drop by firewall check"



Article ID: KB13534 KB Last Updated: 16 Oct 2020Version: 4.0

When a debug is run, it shows that the firewall is dropping packets with the message: "packet dropped, drop by firewall check." This article explains what must be done to troubleshoot the issue.



In the ''debug flow basic' output, the following message is reported "packet dropped, drop by firewall check". Why would the firewall drop the packet?



This message is indicating that one of the Screening options configured on the firewall is being triggered, and it is blocking this traffic. 

  • View the event log with the command get event to see what screen options are being triggered.

  • View the screen counters, with the command get zone <zone_name> screen counter, to see which ones are incrementing.

Based on the options being triggered, you may need to correct the problem or adjust the settings; for example, you may need to adjust a session limit.


Modification History:

2020-10-16: Article reviewed for accuracy; article found valid and relevant; no changes made


Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search