× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973
Reply

GS748Tv5 Printer Multicast blocked by Auto DoS

joelphilippage
Aspirant
Aspirant
‎2016-10-21 08:36 AM
‎2016-10-21 08:36 AM

GS748Tv5 Printer Multicast blocked by Auto DoS

Hi. I recently pruchased a ProSafe Smart Switch. One of the features I wanted was Auto-DoS detection that shuts off ports that are suspected of a DoS attack. Whenever I enable this, the two Lexmark printers on our network are quickly disconnected. I have contacted support twice. The first time I contacted them, they told me that this feature should be used as a fallback and I should have a firewall in place between the modem and the switch. I have since purchased a ProSAFE firewall and got it set up, but this has not solved the problem.

 

I contacted them again. They requested I monitor the packets and send them too them, but they have not gotten back to me on a solution. The packets that cause the alert art MDNS or Multicast packets. Here is what one of the packets looks like:

1	0.000000	10.0.53.17	224.0.0.251	MDNS	278	Standard query response 0x0000 PTR Lexmark T430._http._tcp.local PTR Lexmark T430._ftp._tcp.local PTR Lexmark T430._tftp._udp.local PTR Lexmark T430._printer._tcp.local PTR Lexmark T430._ipp._tcp.local PTR Lexmark T430._pdl-datastream._tcp.local

I have changed some of the flooding settings for that port, but this makes no difference. Are these just old printers? Is there a way to add an exception for a port and still have Auto-DoS enabled?

 

Thanks for the help!

-Joel

Model: GS748Tv5|ProSAFE 48-port Gigabit Smart Switch
Message 1 of 2
Labels:
0 Kudos
Reply

Accepted Solutions
DanielZhang
NETGEAR Expert
NETGEAR Expert
‎2016-10-24 12:25 AM
‎2016-10-24 12:25 AM

Re: GS748Tv5 Printer Multicast blocked by Auto DoS

Hi Joel,

 

Welcome to NETGEAR community!

 

I just check packets as your mentioned.Smiley Happy

Please try operation as below to work around this case on GS748Tv5.

--Disable UDP port service in Denial of Service Configuration page

MDNS-1.png

The root cause is the special MDNS packets that "Source port must be equal with destination port In MDSN according to RFC6762"

This option "UDP port" in Auto-DoS will drop these special packets and shutdown the port which receive its.

 

Let me know if this work around don't work.

 

Regards,

Daniel.

 

 

View solution in original post

Message 2 of 2
Reply

All Replies
DanielZhang
NETGEAR Expert
NETGEAR Expert
‎2016-10-24 12:25 AM
‎2016-10-24 12:25 AM

Re: GS748Tv5 Printer Multicast blocked by Auto DoS

Hi Joel,

 

Welcome to NETGEAR community!

 

I just check packets as your mentioned.Smiley Happy

Please try operation as below to work around this case on GS748Tv5.

--Disable UDP port service in Denial of Service Configuration page

MDNS-1.png

The root cause is the special MDNS packets that "Source port must be equal with destination port In MDSN according to RFC6762"

This option "UDP port" in Auto-DoS will drop these special packets and shutdown the port which receive its.

 

Let me know if this work around don't work.

 

Regards,

Daniel.

 

 

Message 2 of 2
Reply
Top Contributors
See All
Discussion stats
  • 1 reply
  • ‎2016-10-21 08:36 AM
  • 4001 views
  • 1 kudo
  • 2 in conversation
Announcements