Forum Discussion
Let me put this in a simple way -
Servers(10.10.10.x(VLAN10) and 10.10.11.x(VLAN11))-->Switch-->LB--->Firewall-->Internet
LB is the default gateway for both the VLAN.
SPAN traffic from both the VLAN is being sent to websense server network port by the switch.
My websense(running in promiscuous mode) sits on 10.10.0.x(VLAN10) subnet and its able to do the URL filter for this subnet, meaning websense is able to send the reset packet directly to the client as the client is on the same subnet as the websense and the reset packet doesn't has to be routed throught the LB. But this is not the case for 10.10.11.x(VLAN11) as the reset packet from websense has to reach the client through LB. When LB receives the Reset pakcet it silently drops it( I am assuming that due to stateful inspection of LB its dropping the packet).
How to prevent this?