SSL truncated / unreassembled packet through firewall

May 7th, 2009

Hi,

Facing a problem with server communication. Have attached a diagram of the network, with the communication details also mentioned in it.

Design we cannot change. It's a production setup.

If we are bypassing the firewall, everything works fine.

But when communication passes through the PIX, communication is not happening.

We did a packet capture (attached those files also - need Wireshark or Ethereal to open).

Eye-catchers in the output (for people who could not open the packet capture):

1. [Unreassembled Packet: SSL]

2. [Packet size limited during capture: SSL truncated]

Firewall config:

nat-control enabled

static (inside,DMZ) netmask


access-list DMZ, permit tcp host host eq 12508

access-list test-in permit ip host host

access-list test-in permit ip host host

capture test-in access-list test-in buffer 100000 interface DMZ

access-list test-out permit ip host host

access-list test-out permit ip host host

Did anyone face this kind of issue?

Any ideas or suggestions welcome.

rajivrajan1 Fri, 05/08/2009 - 00:03

This issue has been resolved by moving the app server to the same segment - for future reference.

