Wireless Access

Occasional Contributor II

TCP RST Replay Attack

I am running OS and recently, we have some issue on our SAP session getting terminated and at the same time connection was lost. It was suspected that the client loses network connectivity, but from the auth tracebuf and other logs suggest, no network connectivity was lost. The client merely loses connection to the gateway. I can conclude that wireless is ok.


After which, we manage to find some settings and uncheck the following box Prohibit RST Replay attack. Now session was running normal. I am wondering could the client be triggering this security settings? How this security settings works?Condition to trigger this?  And the action taken by the controller when this clause was trigger?


PS: I am not able to conclude this causes the session disconnection and lost of gateway connectivity. But this is one setting that "resolve" this issue for the time being.


Prohibit RST Replay Attack


When enabled, closes a TCP connection in both directions if a TCP RST is

received from either direction. You should not enable this option unless

instructed to do so by an Aruba representative.

Default: Disabled



Guru Elite

Re: TCP RST Replay Attack

You could open a support case.  We would have to examine the details of your application to determine what is happening.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor I

Re: TCP RST Replay Attack

what was the conclusion?

Search Airheads
Showing results for 
Search instead for 
Did you mean: