I'm seeing what I consider to be a higher than expected number of "Bad IP Checksum" messages in my firewall log. It's on an SG105 with not a lot of traffic (WAN is ADSL with about 7Mbit download), and i'm seeing such a packet every 2-10 minutes.
According to the logs, most of the packets originate from my laptop (and several other devices on the network) then to a (non-Sophos) Access Point, then to a switch, then to the SG105, so there is plenty of places a checksum error could creep in. I don't recall seeing this on my previous XG device which was an Intel NUC running XG inside Hyper-V, but was otherwise in the same setup (same laptop, same AP, same switch).
There are a small number of packets that have src and dst IP addresses that are not on my network, but given that the checksum error is in the IP packet, I can't trust anything in the IP packet itself to be correct, including the IP address.
I am seeing this on a few other XG v17 (and v17 MR1) devices, but not on anything older (based on a search for Message ID of 01001).
Does any of this sound normal? Maybe a few checksum errors every few thousand packets is normal, and i've just not looked or noticed before?
Thanks
James
This thread was automatically locked due to age.