Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2386
Views
0
Helpful
1
Replies

ssl truncated / unreassembled packet through firewall

rajivrajan1
Level 3
Level 3

‎05-07-2009 08:45 PM - edited ‎03-11-2019 08:29 AM

Hi ,

Facing a problem with server communication.Have attached a diagram of network and communication details also mentioned in the same.

Design we can not change.Its a production setup.

If we are bypassing the firewall everything works fine.

but when communication pass through pix communication is not happening.

We did a packet Capturing ( attached those files also - need wireshark or etherial to open)

eye catchers in the output ( for ppl who could not open packet capture)

1.[Unreassembled Packet: SSL]

2.[Packet size limited during capture: SSL truncated]

Fire wall config :

nat-control enabled

static (inside,DMZ) 10.0.0.0 10.0.0.0 netmask 255.0.0.0

ACL on DMZ,

access-list DMZ, permit tcp host 10.0.228.202 host 10.0.229.24 eq 12508

access-list test-in permit ip host 10.0.228.202 host 10.0.229.24

access-list test-in permit ip host 10.0.228.202 host 10.0.0.50

capture test-in access-list test-in buffer 100000 interface DMZ

access-list test-out permit ip host 10.0.0.50 host 10.0.228.202

access-list test-out permit ip host 10.0.229.24 host 10.0.228.202

did anyone faced this kind of issues ...

any ideas suggestions welcome.

Labels:
22953-test-in
22952-test-out
26 KB
0 Helpful
1 Reply 1

rajivrajan1
Level 3
Level 3

‎05-08-2009 12:03 AM

this issue has been resolved by moving the app server to same segment -

- for future REF

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card