Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ssl truncated / unressabled packet

Hi ,

Facing a problem with server communication.Have attached a diagram of network and communication details also mentioned in the same.

Design we can not change.Its a production setup.

If we are bypassing the firewall everything works fine.

but when communication pass through pix communication is not happening.

We did a packet Capturing ( attached those files also - need wireshark or etherial to open)

eye catchers in the output ( for ppl who could not open packet capture)

1.[Unreassembled Packet: SSL]

2.[Packet size limited during capture: SSL truncated]

Fire wall config :

nat-control enabled

static (inside,DMZ) 10.0.0.0 10.0.0.0 netmask 255.0.0.0

ACL on DMZ,

access-list DMZ, permit tcp host 10.0.228.202 host 10.0.229.24 eq 12508

access-list test-in permit ip host 10.0.228.202 host 10.0.229.24

access-list test-in permit ip host 10.0.228.202 host 10.0.0.50

capture test-in access-list test-in buffer 100000 interface DMZ

access-list test-out permit ip host 10.0.0.50 host 10.0.228.202

access-list test-out permit ip host 10.0.229.24 host 10.0.228.202

did anyone faced this kind of issues ...

any ideas suggestions welcome.

1 REPLY
New Member

Re: ssl truncated / unressabled packet

this issue has been resolved by moving the app server to same segment -

- for future REF

180
Views
0
Helpful
1
Replies