invalid tcp reserved bit problem

Hi all, 

I have a big issue with an XG125 (SFOS 18.0.5 MR-5-Build586) belonging to one of my customers.

In the environment there is one distribution robot, connected to the LAN via a Cisco 800 router; in the LAN everything works fine.


This Cisco router is used by the robot supplier, also to create a VPN tunnel for remote support.

Now the problem is this:

The Sophos XG marks most of the packets as invalid traffic with the "denied" sub-status, with the message "Invalid TCP reserved bit."

I've tried everything but I haven't found a solution. I've also bypassed the stateful firewall for the host and the address under the advanced configuration, but no luck.

Can someone help me?



This thread was automatically locked due to age.
  • Hello Camille,

    This is due to the Reserved Bit being sent by the application. Reserved bits must never leave; otherwise, this will cause the Malformed TCP errors, due to being outside of what the RFC standard says.

    You can try to work around this by creating an exception on the specific rule for this device from the console:

    console> set ips ac_atp exception fwrules XX (Where XX is the Firewall Rule ID)

    However, this might not work, but you can give it a try, or you would need to route the traffic via a Cisco device.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
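
To confirm which endpoint is actually setting the reserved bits before adding an exception, frames from a packet capture can be checked offline. The following is an added example, not part of the original thread and not Sophos code; it assumes the 4-bit reserved field that RFC 9293 places after Data Offset (the exact check SFOS applies is not stated in the thread), and the function names and sample frames are constructed for illustration.

```python
import struct
from collections import Counter

def tcp_reserved_bits(frame: bytes):
    """Return (src, dst, reserved) for an Ethernet/IPv4/TCP frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":    # EtherType IPv4 only
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                              # IPv4 header length in bytes
    if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 6:         # protocol 6 = TCP
        return None
    if struct.unpack("!H", ip[6:8])[0] & 0x1FFF:          # later fragment: no TCP header
        return None
    tcp = ip[ihl:]
    if len(tcp) < 14:
        return None
    sport, dport = struct.unpack("!HH", tcp[:4])
    src = "%s:%d" % (".".join(map(str, ip[12:16])), sport)
    dst = "%s:%d" % (".".join(map(str, ip[16:20])), dport)
    # Byte 12 of the TCP header: high nibble = Data Offset, low nibble = reserved.
    return src, dst, tcp[12] & 0x0F

def offenders(frames):
    """Count frames per (src, dst) whose reserved bits are non-zero."""
    hits = Counter()
    for f in frames:
        parsed = tcp_reserved_bits(f)
        if parsed and parsed[2]:
            hits[parsed[:2]] += 1
    return hits

def build_frame(src, dst, sport, dport, reserved, flags=0x18):
    """Constructed sample frame (not captured traffic); checksums left at zero."""
    eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1,
                      (5 << 4) | reserved, flags, 8192, 0, 0)
    return eth + ip + tcp

SAMPLE = [  # constructed frames using documentation address ranges
    build_frame("192.0.2.10", "198.51.100.5", 40000, 8080, reserved=0x4),
    build_frame("192.0.2.10", "198.51.100.5", 40000, 8080, reserved=0x4),
    build_frame("192.0.2.20", "198.51.100.5", 40001, 443, reserved=0x0),
]

if __name__ == "__main__":
    for (src, dst), n in offenders(SAMPLE).items():
        print(f"{src} -> {dst}: {n} segment(s) with reserved bits set")
```

Knowing the source of the non-zero reserved bits shows whether the fix belongs on the sending device or in a narrowly scoped firewall exception.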