Wireless Access

Reply
MVP
Posts: 1,415
Registered: ‎10-25-2011

Bad Checksum issue (UDP-Encapsulation)

Here's a doozy.

 

We have been having issues with a specific ISP Provider which for some reason our RAP-AP93s have been dropping their IPSEC Tunnel back to our controler.

 

What we have seen through our firewall is something like this: (I changed the IP address, security reasons)

21:32:38.442151 IP (tos 0x0, ttl 54, id 11433, offset 0, flags [DF], proto UDP (17), length 144)
    999.234.27.39.60002 > 999.999.79.111.4500: [no cksum] UDP-encap: ESP(spi=0xc9aeec00,seq=0x225b), length 116
21:32:38.442253 IP (tos 0x0, ttl 253, id 0, offset 0, flags [none], proto UDP (17), length 144)
    999.999.79.111.4500 > 999.234.27.39.60002: [no cksum] UDP-encap: ESP(spi=0x38695b00,seq=0x2532), length 116
21:32:38.572358 IP (tos 0x0, ttl 54, id 11434, offset 0, flags [DF], proto UDP (17), length 160)
 

 As you can see from this line 999.234.27.39.60002 > 999.999.79.111.4500: [no cksum] UDP-encap:

It seems as though it is an issue with the ISP provider and we have been working with them to replicate the issue and they have been unable to, even the modem manufacturer is involved and they cannot replicate.

 

Has anyone seen something like this? The location is currently offline.

 

What can I gather from the controller in terms of logs to help move this along?

 

 

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Search Airheads
Showing results for 
Search instead for 
Did you mean: