Wireless Access

Reply
Occasional Contributor II

TCP RST Replay Attack

I am running 6.1.2.5 OS and recently, we have some issue on our SAP session getting terminated and at the same time connection was lost. It was suspected that the client loses network connectivity, but from the auth tracebuf and other logs suggest, no network connectivity was lost. The client merely loses connection to the gateway. I can conclude that wireless is ok.

 

After which, we manage to find some settings and uncheck the following box Prohibit RST Replay attack. Now session was running normal. I am wondering could the client be triggering this security settings? How this security settings works?Condition to trigger this?  And the action taken by the controller when this clause was trigger?

 

PS: I am not able to conclude this causes the session disconnection and lost of gateway connectivity. But this is one setting that "resolve" this issue for the time being.

 

Prohibit RST Replay Attack

 

When enabled, closes a TCP connection in both directions if a TCP RST is

received from either direction. You should not enable this option unless

instructed to do so by an Aruba representative.

Default: Disabled

 

 

Guru Elite

Re: TCP RST Replay Attack

You could open a support case.  We would have to examine the details of your application to determine what is happening.

 

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Regular Contributor I

Re: TCP RST Replay Attack

what was the conclusion?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: