D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: yoteur on September 02, 2010, 08:48:09 AM

Title: DFL 800 invalid_ip_checksum IPSEC
Post by: yoteur on September 02, 2010, 08:48:09 AM

Hi all!

I have a PSK IPSEC tunnel with a partner, the tunnel is up, my rules seems to be good but when my partner tries to contact my server behind the dlink he has no answer and I see his packet drop in logging:
Warning IP_ERROR 01500005 LogChecksumErrors TCP my_tunnel_ipsec srce_ip/dest_ip 4 invalid_ip_checksum drop

Do you know where does that come?

Thanks
Alexaa

Title: Re: DFL 800 invalid_ip_checksum IPSEC
Post by: Fatman on September 02, 2010, 09:34:53 AM

Tunnel or Transport?

NAT in front of your VPN devices?

Title: Re: DFL 800 invalid_ip_checksum IPSEC
Post by: yoteur on September 06, 2010, 02:08:51 AM

My tunnel works like that:
there is only traffic from my partner to my servers. I use SAT Action to dest nat from virtual IP on thje dlink to the real ip on thje server.

Then I have a rule used from my network to partner network where I use NAT action. I source nat my private IP.


Thanks,
Alexaa