We are having an issue with our CSS11501,version sg0810106.
our web app is using alot of web requests (up to one every 15 seconds )
for some reason occasionally our session is being dropped, and we can't connect for few minutes.
i just found out that the source ip address of the client is showed as a source for "syn attack" when i issue "show dos".
does the CSS block my legitimate traffic as suspected syn attack?
if so how can i work around it?
why does it pick it as syn attack how can i improve its false detection?
Can anyone help me with this?
It will reset the connection after 16 seconds.
No blocking of further syn.
The document you referenced is old.
The behavior has changed a long time ago.
Check the destination. See if it gets the SYN and why it does not respond.