Application through PIX 7.2(2) on https 443 causing problem
We have a Tomcat application hosted in DMZ zone. There is a Static NAT on PIX for access from outside. This application behaves intermittently when hosted on 443 port. Users get "Page can't be displayed" in iexplorer intermittently.
The same application works fine when the port is changed to 8443 on the server and the related ACLs are updated on PIX.
We tried various tests and till now it seems PIX is the culprit.
We removed the PIX and hosted the server directly on a public IP and executed the application on port 443 and it worked fine.
Is there any reason why 443 would cause problems and 8443 would not? Have any of you faced a similar issue?
Also to add up, we have an interesting capture report on the PIX.
The Tomcat application was configured to run on https 8443 port. We did a telnet from internet on this IP on port 8443.
Result: This time telnet didn't connect. The output of Test 2 and Test 3 varies randomly as stated above. Sometimes telnet connects to port 443 and sometimes it doesn't connect on 443. AND there is no application listening on 443 when we perform these tests.
What would cause this behavior on PIX? Does TCP interception have anything to do with it?