Re: TCP bad checksum errors from ACS appliance

k-oconnell · ‎12-02-2004

We have recently upgraded from a windows based ACS server to an appliance. Now all of our 6500 catalyst switches are reporting TCP bad checksum errors when authenticating to the new appliance(it does complete correctly). We took a sniffer trace and we do see 2 packets with checksum errors coming from the new appliance. It's also odd that both of the packets with the bad checksums have the exact same value (966E). I have had a Service Request on this problem but with no results. I would appreciate anything you could tell me on this issue.

Thanks very much

Kristina O'Connell

gfullage · ‎12-05-2004

Searched our fault database and there's been 3 reported occurrences of this (including yours), and a reboot of the ACS server has resolved the issue in the other two cases.

The developers are actively looking into it and are not sure what's going on at this stage. Basically ACS just uses the underlying Windows OS TCP/IP stack, it simply passes the packets off to that to be put onto the network, so ACS doesn't have anything to do with this functionality per se. Whether it's a hardware issue on the NIC's that the appliance is using we're not sure at this point, but are investigating.

cscales · ‎12-17-2004

We're having the same problem,

k-oconnell · ‎12-20-2004

We booted the TACACS appliance as the previous gentleman suggested and it did resolve the problem. The TAC engineer on our Service Request has referred it to the developers, but we haven't heard anything. It's been about 2 weeks and so far so good.