Wireless Access

Occasional Contributor II

TCP RST Replay Attack

I am running OS and recently, we have some issue on our SAP session getting terminated and at the same time connection was lost. It was suspected that the client loses network connectivity, but from the auth tracebuf and other logs suggest, no network connectivity was lost. The client merely loses connection to the gateway. I can conclude that wireless is ok.


After which, we manage to find some settings and uncheck the following box Prohibit RST Replay attack. Now session was running normal. I am wondering could the client be triggering this security settings? How this security settings works?Condition to trigger this?  And the action taken by the controller when this clause was trigger?


PS: I am not able to conclude this causes the session disconnection and lost of gateway connectivity. But this is one setting that "resolve" this issue for the time being.


Prohibit RST Replay Attack


When enabled, closes a TCP connection in both directions if a TCP RST is

received from either direction. You should not enable this option unless

instructed to do so by an Aruba representative.

Default: Disabled



Guru Elite

Re: TCP RST Replay Attack

You could open a support case.  We would have to examine the details of your application to determine what is happening.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Regular Contributor I

Re: TCP RST Replay Attack

what was the conclusion?

Search Airheads
Showing results for 
Search instead for 
Did you mean: