AP7522, Unable to work out an Error Code that im receiving
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎11-15-2017 03:18 PM
Use 3 WiNG Access Points in a Warehouse with 1 being the controller for the other two.
Receiving an Error Code on our Greylog:
ZEBRA-03 %DATAPLANE-4-DOSATTACK: BAD_PACKET: Bcast/Mcast ICMP not allowed : Src IP : 10.30.50.104, Dst IP: 224.0.0.1, Src Mac: B0-7F-B9-41-A5-38, Dst Mac: 01-00-5E-00-00-01, ICMP type = 9, ICMP code = 0, Proto = 1.
Cannot Work out what the issue is and how to fix it, Error Messages come in ever couple of seconds.
Also when looking at the Access Points Event History i get:
Client Assosiated to wlan ssid on radio....
Client Disassociated from wlan dot11i 4way handshake timeout
Client failed handshake on wlan.
Not sure if the these two issues relate or if two different issues, I've tried to change handshake timeout and it stopped the Client Assosiated Issue for a few minutes before coming back but the Greylog Error Code continued.
If someone knows how to sort these issues please help.
Receiving an Error Code on our Greylog:
ZEBRA-03 %DATAPLANE-4-DOSATTACK: BAD_PACKET: Bcast/Mcast ICMP not allowed : Src IP : 10.30.50.104, Dst IP: 224.0.0.1, Src Mac: B0-7F-B9-41-A5-38, Dst Mac: 01-00-5E-00-00-01, ICMP type = 9, ICMP code = 0, Proto = 1.
Cannot Work out what the issue is and how to fix it, Error Messages come in ever couple of seconds.
Also when looking at the Access Points Event History i get:
Client Assosiated to wlan ssid on radio....
Client Disassociated from wlan dot11i 4way handshake timeout
Client failed handshake on wlan.
Not sure if the these two issues relate or if two different issues, I've tried to change handshake timeout and it stopped the Client Assosiated Issue for a few minutes before coming back but the Greylog Error Code continued.
If someone knows how to sort these issues please help.
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎11-15-2017 03:33 PM
Thank you I will have a look at the Best Practices,
I'll have another go at changing the 4 way hanshake Timouts and Retries maybe I did something wrong.
Alona - Thanks for clarifying that the two issues are not related on the other hand means i have 2 issues and not 1 haha.
I'll have another go at changing the 4 way hanshake Timouts and Retries maybe I did something wrong.
Alona - Thanks for clarifying that the two issues are not related on the other hand means i have 2 issues and not 1 haha.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎11-15-2017 03:30 PM
DOS attack error states that you have multicast ICMP packet in you network coming from B0-7F-B9 OUI which is Netgear. WiNG firewall flags it and drops it. This has nothing to do with handshake timeout on wireless clients that you see. That can be a result of bad coverage or something else.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎11-15-2017 03:26 PM
Hi
The DOS firewall is aggressive in flagging questionable date.
please follow Best Pratices - http://documentation.extremenetworks.com/WiNG/Implementation_Guides/WING5X_Reference_Best_Practices_...
Important - please do not disable the firewall itself.
As far as the 4 way handshake, if increasing the TIMEOUTS and retries does not fix the problem, you may need to open a case with GTAC
The DOS firewall is aggressive in flagging questionable date.
please follow Best Pratices - http://documentation.extremenetworks.com/WiNG/Implementation_Guides/WING5X_Reference_Best_Practices_...
Important - please do not disable the firewall itself.
As far as the 4 way handshake, if increasing the TIMEOUTS and retries does not fix the problem, you may need to open a case with GTAC
