I have deployed ACE in a portal architecture with two web servers in test environment. ACE does the SSL offloading.
Users are experiencing 'Invalid Session' error 'randomly' while accessing various links on the web page. However, at other times same pages show perfectly.
This is only experienced while accessing the pages from the internet. It never happens on the local lan. So the only addition via internet is 1) the internet itself 2) outside ASA with CSC-SSM and 3) outside ASA with AIP-SSM
The URL is currently registered with the ISP DNS with a different IP (current Production). The test environment uses another public IP and the site is accessed via local host file. Over the internet, the traffic goes through transparent proxy as well.
When I captured the packets via Ethereal/Wireshark, I noticed 'Encrypted Alert' packets sent by ACE to the client. Following are the details of the packet
- SSLv3 Record Layer: Encrypted Alert
Content Type: Alert (21)
Version: SSL 3.0 (0x0300)
Alert Message: Encrypted Alert
Alert code 21 means 'Decryption failed (fatal, TLS only)'
The certificate is authentic and verified.
Please advise on how to troubleshoot this error.