invalid tcp reserved bit problem

Hi all, 

I have a big issue with an XG125 (SFOS 18.0.5 MR-5-Build586) at one of my customers.

In the environment there is one distribution robot, connected to the LAN via a Cisco 800 router; within the LAN everything works fine.


This Cisco router is also used by the robot supplier to create a VPN tunnel for remote support.

Now the problem is this:

The Sophos XG marks most of the packets as invalid traffic with the "denied" sub-status and the message "Invalid TCP reserved bit."

I've tried everything but haven't found a solution; I've also bypassed the stateful firewall for the host and the address under the advanced configuration, but no luck.

Can someone help me?



  • Hello Daniel,

    Thank you for contacting the Sophos Community.

    I see you had two cases created for this. One mentioned that the issue isn't with the Sophos device, but the escalation engineer requested some logs and captures to investigate this further; the engineer sent you what the escalation engineer requested, but there was no follow-up from your end.

    I would recommend you open a new case and gather all the information that was requested in the last email. When doing that, please reference the two cases you opened before.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
  • Hi Daniel,

    Hi Emmanuel,

    Have you found any solution about this problem ?

    We encounter the exact same issue. Maybe you could save us some precious debugging time :)

    Kind regards

  • Hello Camille,

    This is due to the reserved bit being sent by the application. Reserved bits must never be set; otherwise this will cause the malformed TCP errors, since it is outside what the RFC standard says.

    You can try to work around it by creating an exception for the specific firewall rule for this device from the console:

    console> set ips ac_atp exception fwrules XX (Where XX is the Firewall Rule ID)

    However, this might not work, but you can give it a try; otherwise you would need to route the traffic via a Cisco device.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
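To make the reply above concrete, here is an added example (not code from Sophos, Cisco or anyone in this thread) showing where the "reserved bits" live in a TCP header and what an inspecting firewall is checking when it logs "Invalid TCP reserved bit". In byte 12 of the header the 4-bit data offset is followed by three bits that RFC 793 reserved and the NS bit of RFC 3540; the two high bits of the flags byte (CWR, ECE) were reserved in RFC 793 but are assigned by RFC 3168, so a well-behaved inspector does not reject them. The thread does not say exactly which bits the XG counts, so the code treats the three RFC 793 bits as invalid and makes NS optional (an assumption). The addresses, ports and segments are constructed for the example. It also shows what a middlebox would have to do to "fix" such a segment, zero the bits and recompute the checksum, which is why the workaround is an IPS exception or a Cisco hop rather than a firewall setting. On the wire, the equivalent capture filter is tcpdump -ni <interface> 'tcp[12] & 0x0e != 0'.

```python
"""Reserved-bit check for TCP headers (added example, not vendor code)."""
import socket
import struct
from dataclasses import dataclass

FLAG_FIN, FLAG_SYN, FLAG_RST, FLAG_PSH, FLAG_ACK, FLAG_URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
FLAG_ECE, FLAG_CWR = 0x40, 0x80  # assigned by RFC 3168 (ECN); no longer reserved

@dataclass
class TcpHeader:
    src_port: int
    dst_port: int
    data_offset: int   # header length in 32-bit words (>= 5)
    reserved: int      # three bits between data offset and NS; RFC 793 says must be zero
    ns: bool           # nonce-sum bit (RFC 3540); some inspectors treat it as reserved too
    flags: int         # CWR ECE URG ACK PSH RST SYN FIN
    checksum: int

def parse_tcp_header(segment: bytes) -> TcpHeader:
    """Decode the fixed 20-byte TCP header at the start of `segment`."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    src, dst, _seq, _ack, offx2, flags, _win, csum, _urg = struct.unpack("!HHIIBBHHH", segment[:20])
    data_offset = offx2 >> 4
    if data_offset < 5 or data_offset * 4 > len(segment):
        raise ValueError("bad data offset %d" % data_offset)
    return TcpHeader(src, dst, data_offset, (offx2 >> 1) & 0x07, bool(offx2 & 0x01), flags, csum)

def has_invalid_reserved_bits(segment: bytes, strict_ns: bool = False) -> bool:
    """True if any RFC 793 reserved bit is set (optionally counting NS as reserved)."""
    h = parse_tcp_header(segment)
    return h.reserved != 0 or (strict_ns and h.ns)

def _ones_complement_sum(data: bytes) -> int:
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # end-around carry
        total = (total & 0xFFFF) + (total >> 16)
    return total

def _pseudo_header(src_ip: str, dst_ip: str, length: int) -> bytes:
    return socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) + struct.pack("!BBH", 0, 6, length)

def tcp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """RFC 793 checksum over the IPv4 pseudo-header plus the segment with its checksum field zeroed."""
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    return (~_ones_complement_sum(_pseudo_header(src_ip, dst_ip, len(segment)) + zeroed)) & 0xFFFF

def tcp_checksum_ok(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    """A segment verifies when the sum including its checksum field is all ones."""
    return _ones_complement_sum(_pseudo_header(src_ip, dst_ip, len(segment)) + segment) == 0xFFFF

def build_tcp_segment(src_ip, dst_ip, src_port, dst_port, seq, ack, flags,
                      reserved=0, ns=False, window=65535, payload=b"") -> bytes:
    """Build a 20-byte header (no options) with the given reserved/NS bits and a valid checksum."""
    offx2 = (5 << 4) | ((reserved & 0x07) << 1) | (1 if ns else 0)
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack, offx2, flags, window, 0, 0)
    csum = tcp_checksum(src_ip, dst_ip, header + payload)
    return header[:16] + struct.pack("!H", csum) + header[18:] + payload

def clear_reserved_bits(src_ip, dst_ip, segment: bytes) -> bytes:
    """Zero the three reserved bits (keeping data offset and NS) and recompute the checksum."""
    fixed = segment[:12] + bytes([segment[12] & 0xF1]) + segment[13:]
    csum = tcp_checksum(src_ip, dst_ip, fixed)
    return fixed[:16] + struct.pack("!H", csum) + fixed[18:]

def audit(segments, strict_ns: bool = False):
    """Per-segment verdict, mirroring the firewall's accept/deny decision."""
    return [(i, "denied: invalid TCP reserved bit" if has_invalid_reserved_bits(s, strict_ns) else "ok")
            for i, s in enumerate(segments)]

# Constructed sample traffic (documentation address ranges, not the poster's network).
SRC_IP, DST_IP = "192.0.2.10", "198.51.100.20"
NORMAL_SYN = build_tcp_segment(SRC_IP, DST_IP, 40000, 443, 1000, 0, FLAG_SYN)
BAD_RESERVED = build_tcp_segment(SRC_IP, DST_IP, 40000, 443, 1000, 0, FLAG_SYN, reserved=0b010)
ECN_SYN = build_tcp_segment(SRC_IP, DST_IP, 40000, 443, 1000, 0, FLAG_SYN | FLAG_ECE | FLAG_CWR)

if __name__ == "__main__":
    for i, verdict in audit([NORMAL_SYN, BAD_RESERVED, ECN_SYN]):
        print(i, verdict)
    print(parse_tcp_header(clear_reserved_bits(SRC_IP, DST_IP, BAD_RESERVED)))
```

Feed the output of a packet capture into audit() to confirm the robot's traffic really carries non-zero reserved bits before opening a case; if only ECN_SYN-style segments show up, the problem is a stricter-than-RFC inspector, not the sender.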