Post 7.0x upgrade intermittend SSL traffic hangs when being decrypted

cancel
Showing results for 
Search instead for 
Did you mean: 

Post 7.0x upgrade intermittend SSL traffic hangs when being decrypted

L1 Bithead

Hi

 

We have noticed this with two customers and on our own PA's , all of these are PA3020's in a HA a/s setup 

SSL decrypted outbound traffic hangs intermittently for a few minutes and then it starts to pass through again.

 

This happens both with 7.0.1 and 7.0.2 

 

anyone seen this issue as well ?

kinda hard to work with support on this since it's intermittent 

 

regards

Gudmundur

59 REPLIES 59

L1 Bithead

Can either the original poster or someone from PA take away the 'Solved' marking for this thread? This issue is not resolved.

Hi,


Do you have the case number for this problem and the bug id?

 

/Jo Christian

/Jo Christian

Hi Guys,

 

Just checking if anyone here has found a work around on this issue, We are very close to turning off SSL Decryption until there is a permanent fix.  I will hold off until i hear from someone.

 

Thanks

Sol.

I worked with support this morning and turned my decryption back on so we can get a memory dump during the event (which we did), and then I turned decryption back off because for me it causes a 5-8 minute outage every 45 minutes. They way I see it is the only solution I'm hear at this time is to backrev to 6.1.x or turn off decryption. I don't like either solution, but I don't feel like going back to 6.1.7 at this point.

-Brad

I did call out this thead in my ticket to at least make them aware of the scope of the problem if they weren't already.

 

Now they want me to turn back on SSL decryption and break a production network to capture some more log details. Don't they have labs for this sort of thing? I can't imagine all of our configurations are similar enough to cause this problem but they can't reproduce it internally.

I know how you feel I had to do the same thing. I turned decryption back on overnight, and I setup a early morning time to do the captures they wanted and quickly turned decryption off again. They told me they opened bug 86948 after I took my captures.

-Brad

Retired Member
Not applicable

Hi all – wanted to chime in thank all of you affected for your patience on this issue. We are sorry this is creating frustration. The team is very focused on getting it resolved. As we try to target and resolve the issue, the more insight we can gain from different traffic flows, the better. So – if you’re experiencing issues with this and haven’t contacted support yet, please do so. It will help us help you.

Thanks,

- Jeff

Is there any new news on this issue. My students are starting to figure out that decryption is off and are starting to run wild. I'll really don't want to roll back to 6.1.x, but I may be forced to do that. <SIGH>

-Brad

So far my case (381368) is still in 'Engineering Escalation' and was last touched on 11/5. I haven't heard anything about a expected resolution date or release.

Yea my case has the same status.

-Brad
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!