09-06-2017 01:02 AM
hello.although the rule is set to allow any but in request to some web-sites we can see such a problem.there is incomplete in application coloumn.i understand that it cannot pass the three-way handshake.but why only with any sites?
09-06-2017 01:28 AM
is your source NAT being applied properly? have you already taken a packetcapture to see what is being sent out and if you are receiving anything at all?
on the firewall you can use this guide to set up packetcaptures. if no packets return you may need to go to the upstream device to see what happens there: Getting Started: Packet Capture
09-06-2017 01:54 AM
it only happens with some of the web sites.not at all
09-06-2017 01:56 AM
Hi @Radmin_85,
HTTPS sites only ?
Any specific drops seen in global counters ?
Cheers,
-Kiwi.
09-06-2017 02:08 AM
Hi @Radmin_85
can you provide more information (packetcapture, global counters,...)
all we can determine from your screenshot is that at least a SYN packet was sent out and that the server did not send something back at an early stage of the session, but it either did not reply to the handshake or did not reply to the client hello, more information will help determine what could be the root cause
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
