ISA570 system log error message http_pipelined_request_thread nonblocking_ssl_write SSL_ERROR_TIMEOUT
Recently I got some error messages on my ISA570 in the system log that start to increase during night. On a first view it looks like somebody trying to access the firewall with SSL, but then the information in the log does not help any further.
These are messages that indicate the communication between Security Services (sdsd) and the servers timed out. When this happens, it will attempt to retry. Which firmware version are you running? Are you seeing issues with Security Services not working or showing offline?
As for me, I have not got any further Response from Cisco. But I moved the ISA570 out of the production environment to a small test environment, and there I have never encountered the issue. So, still no definite answer, but only rumors.
As I mentioned in my earlier reply, those messages indicate the communication between Security Services (sdsd) and the servers timed out. It's ok to see them periodically in the logs as sdsd will retry. If you notice Security Services showing offline, then we will look at those logs to see what's going on.
The logs are not related to Heartbleed. I see a comment regarding that earlier in the thread and wanted to clear that up.
Let me know if you have any questions regarding this.
About a week after the release of the heartbleed bug, a Cisco employee said that this error is related to the heartbleed issue, when somebody tries to access. This made sense to me as we had this issue just coming up recently and on two different firmwares. However, officially Cisco stated that the ISA500 is still under investigation.
So I am not sure, but we removed all productive ISA500 firewalls in the company as the risk is definitely too high!! The good thing, now I have one at home and as I don't use any VPN or other external access at home it should be fine for AntiVirus filtering and basic firewall function.
As soon as I get an official statement, I'll report it here.
Article ID:3091 Reboot and Factory Default Reset on ISA500 Series
Integrated Security Appliances Objective Reboot or restart of the
network device is made when certain changes in the settings need reboot
or if the device is frozen. The configuration setti...
Article ID:3403 WAN Quality of Service (QoS) Policy Profiles Settings on
ISA500 Series Integrated Security Appliances Objective Wide Area Network
(WAN) Quality of Service (QoS) policy profiles manage traffic through
classed-based profiles. These profiles ...
Article ID:2922 Cisco QuickVPN Installation Tips for Windows Operating
Systems For a video showing installation tips on Quick VPN, visit
http://youtu.be/hHu2z6A78N8 Objective Cisco QuickVPN is a free software
designed for remote access to a network. It is...