SSL truncated / unreassembled packet through firewall

rajivrajan1
Level 3

Hi,

Facing a problem with server communication. I have attached a diagram of the network, and the communication details are also mentioned in it.

We cannot change the design. It's a production setup.

If we bypass the firewall, everything works fine.

But when communication passes through the PIX, communication is not happening.

We did a packet capture (attached those files also; Wireshark or Ethereal is needed to open them).

Eye-catchers in the output (for people who could not open the packet capture):

1. [Unreassembled Packet: SSL]

2. [Packet size limited during capture: SSL truncated]

Firewall config:

nat-control enabled

static (inside,DMZ) 10.0.0.0 10.0.0.0 netmask 255.0.0.0

ACL on DMZ,

access-list DMZ, permit tcp host 10.0.228.202 host 10.0.229.24 eq 12508

access-list test-in permit ip host 10.0.228.202 host 10.0.229.24

access-list test-in permit ip host 10.0.228.202 host 10.0.0.50

capture test-in access-list test-in buffer 100000 interface DMZ

access-list test-out permit ip host 10.0.0.50 host 10.0.228.202

access-list test-out permit ip host 10.0.229.24 host 10.0.228.202

Has anyone faced this kind of issue?

Any ideas or suggestions are welcome.
