Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
355
Views
0
Helpful
0
Replies

Cisco 1702 with 2504 causes DDOS recognition

florian.hanig1
Level 1
Level 1

‎05-18-2017 02:58 AM - edited ‎07-05-2021 07:03 AM

Hello,

I have a setup with 5 of Cisco 1702 Accesspoints and 1 WLAN Controller (2504).

Now one of my Access Point sends Pakets to his default gateway in the magement Network.

The default gateway in Management Gateway is our Firewall (Lancom, no Cisco device.)

Now my Firewall detects possible DDOS Attacks from one of my Access Points.

Date: 5/18/2017 11:29:27

The packet below

Src: 10.0.99.244:23578  Dst: 10.0.99.244:37550 (TCP)

MAC-Header (14 Bytes)

   00 a0 57 1f 1b 43 00 a2  ee 60 06 2c 08 00       | ..W..C.. .`.,..  

IP-Packet (44 Bytes):

   45 00 00 2c 5a 29 00 00  ff 06 85 ba 0a 00 63 f4 | E..,Z).. ......c.
   0a 00 63 f4 5c 1a 92 ae  2e b4 af 51 d0 ac fe 8d | ..c.\... ...Q....
   50 10 10 20 27 bb 00 00  00 04 00 00             | P.. '... ....    

matched this filter rule: DoS protection
filter info:              packet with same source and destination address received from interface LAN-2

 

 

 

What does this AP do and how to prevent this  ?

It’s only from one of my Access Point.

I’ve reset this AP completely but „Problem“ persists.

Can anyone help me ?

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card