HTTPS traffic being classified as RTMP?

Reply
Highlighted
L1 Bithead

HTTPS traffic being classified as RTMP?

Hey all,

 

First time poster, long time lurker.  I have an odd issue with certain traffic being classified as RTMP.  

 

Our guest wireless and corporate wireless exist in different zones.  Their address space is different, too.  We have two separate policies for corp and guest traffic, permitting http/https outbound to our external zone interface any any destination address.

 

What is odd is that some traffic hits the correct corp policy id, but other traffic hits a policy that is supposed to be for RTMP traffic:

 

Src Zone: Internal

Source: Any

Dst Zone: External

Destination: Any

Application: rtmp

Service: application-default

Action: allow

 

Only some traffic hits this policy, though.  For example I'm able to go to https://www.networklessons.com and it loads fine, hitting the right policy.  A packet capture shows a full three way handshake on the right policy, but only SYN and retransmit packets on the RTMP policy.

 

Any idea why only some of our https traffic is hitting that policy?

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!