Syn Attack and Router dropping Internet
Arris G54 - Bridge mode, firewall turned off.
IPv4/IPv6 DNS Relay is enabled
DHCP Server is not enabled
Omada Hardware Controller OC200 2.0 EAP783(US) v1.0 Firmware 2.16.3 Build 20240620 Rel.81038 Controller Version 5.14.26.23
JetStream 24-port Switch SG3428XPP-M2 v1.20 Firmware 1.20.3
Omada BE2200 EAP783(US) v1.0 Firmware 1.0.10
Omada VPN Router ER8411 v1.0 Firmware 1.2.1
AP and Controller are plugged into the switch.
Switch is plugged into the router:
Switch ports: 17, 19, 20, 23, 25, 26 to Router ports: 8, 9, 10, 11, 2, 3
Router is plugged into the Arris 10G port from router port 4
Wired LANs are set up as Interfaces.
EAP ACLs map WLANs to respective LANs
No Gateway ACLs
I keep having these issues:
1. Notifications of "Port Blocked Warning Jetstream SG3428XP...'s port Tw1/0/21 was blocked." - The LAN to WAN ports on the switch keep getting blocked. To the point of about 9,000 warnings over the last month.
2. "Detected TCP SYN packets attack and dropped XXX packets." The SYN 'attacks' keep happening at a regular 10 minute interval 24/7. This seems to be a common issue posted to the forums several times. I firmly believe this is something on the local side of the network.
3. Router keeps losing connection to the modem.
Power cycling the Router gets it to reconnect to the modem.
Turning off Multi-Connections TCP SYN Flood and Block TCP Scan with RST stops the SYN attack notifications.
There are no conflicting sub-nets.
Loopback detection is turned on for the Switch.
I turned on Spanning Tree: STP to see if that would help. It did not stop any of the issues.
I used the Arris G54 in modem/router mode prior to adding the Omada setup without any of these issues. It stayed connected 100% without dropping randomly.
I can't find any useful information in the logs... I have read through numerous forums to see if anyone else has any answers/solutions.
I initially upgraded to the Omada stack due to my spouse and I both working from home. We work for different Healthcare systems that require us to use VPNs out. We work for different companies so I wanted to beef up the hardware for our internet.
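
One way to check the fixed 10-minute cadence described in the post against an exported log, and to see whether the port-block warnings cluster around the SYN alerts (an added example, not part of the original post). The message texts are taken from the post; the timestamp prefix, the sample lines and the function names `parse` and `analyze` are assumptions made for illustration.

```python
import re
from datetime import datetime
from statistics import median

# Constructed sample lines: the message text follows the post, the
# "YYYY-MM-DD HH:MM:SS" prefix is an assumed export format.
SAMPLE_LOG = """\
2024-08-01 10:00:05 Detected TCP SYN packets attack and dropped 120 packets.
2024-08-01 10:00:09 port Tw1/0/21 was blocked.
2024-08-01 10:10:04 Detected TCP SYN packets attack and dropped 98 packets.
2024-08-01 10:10:07 port Tw1/0/21 was blocked.
2024-08-01 10:20:06 Detected TCP SYN packets attack and dropped 143 packets.
2024-08-01 10:27:40 port Tw1/0/21 was blocked.
2024-08-01 10:30:05 Detected TCP SYN packets attack and dropped 110 packets.
"""

LINE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (.*)$")
SYN = re.compile(r"Detected TCP SYN packets attack and dropped (\d+) packets")
BLOCK = re.compile(r"port (\S+) was blocked")

def parse(text):  # -> (syn_events, block_events), each a list of (datetime, value)
    syn, blocks = [], []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip lines that do not carry the assumed timestamp
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        if (s := SYN.search(m.group(2))):
            syn.append((ts, int(s.group(1))))
        elif (b := BLOCK.search(m.group(2))):
            blocks.append((ts, b.group(1)))
    return syn, blocks

def analyze(text, tolerance_s=30, window_s=60):
    syn, blocks = parse(text)
    gaps = [(b[0] - a[0]).total_seconds() for a, b in zip(syn, syn[1:])]
    if not gaps:
        return {"syn_alerts": len(syn), "periodic": False}
    mid = median(gaps)
    # A fixed timer shows gaps that all sit close to the median gap.
    periodic = all(abs(g - mid) <= tolerance_s for g in gaps)
    # Count port-block warnings that follow a SYN alert within window_s.
    near = sum(any(0 <= (bt - st).total_seconds() <= window_s for st, _ in syn)
               for bt, _ in blocks)
    return {"syn_alerts": len(syn), "median_gap_s": mid, "periodic": periodic,
            "blocks_total": len(blocks), "blocks_near_syn": near}

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

Alerts that land within seconds of the same interval around the clock point to a scheduled process on a local device rather than outside traffic, which is the next thing to isolate by unplugging or capturing on one segment at a time.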