Wireshark-users: Re: [Wireshark-users] TCP checksum off-by-one errors?
From: "Matthias Pigulla" <mp@xxxxxxxxxxxxx>
Date: Wed, 4 Mar 2009 16:52:23 +0100
Hi,

> Cisco Firewalls (and others) perform randomization and rewriting of
> initial TCP sequence numbers, therefore, they
> have to recalculate the UDP or TCP checksum as well. Try the keyword
> "norandomseq" in the nat/global or static
> statements that relate to this connection and see if it makes a
> difference.

I will try. But still, when the checksum is wrong for a received packet,
doesn't that mean that there's a problem on the sender's side or path?

Both observations you described seem to deal with the firewall sending
wrong checksums. In my case the received packets are wrong.

What might be in the packets sent through the firewall that affects
checksum calculation for packets sent back?

Thanks
Matthias