SSL truncated / unreassembled packet

May 7th, 2009

Hi,


Facing a problem with server communication. I have attached a diagram of the network, with the communication details also mentioned in it.


We cannot change the design. It's a production setup.


If we bypass the firewall, everything works fine.


But when communication passes through the PIX, communication is not happening.


We did a packet capture (attached those files also; Wireshark or Ethereal is needed to open them).


Eye-catchers in the output (for people who could not open the packet capture):


1. [Unreassembled Packet: SSL]

2. [Packet size limited during capture: SSL truncated]


Firewall config:


nat-control enabled


static (inside,DMZ) 10.0.0.0 10.0.0.0 netmask 255.0.0.0


ACL on DMZ:


access-list DMZ, permit tcp host 10.0.228.202 host 10.0.229.24 eq 12508


access-list test-in permit ip host 10.0.228.202 host 10.0.229.24

access-list test-in permit ip host 10.0.228.202 host 10.0.0.50


capture test-in access-list test-in buffer 100000 interface DMZ


access-list test-out permit ip host 10.0.0.50 host 10.0.228.202

access-list test-out permit ip host 10.0.229.24 host 10.0.228.202



Has anyone faced this kind of issue?


Any ideas or suggestions are welcome.



rajivrajan1 Fri, 05/08/2009 - 00:02

This issue has been resolved by moving the app server to the same segment. Noting this for future reference.
