 | 1 | initial version |
I think I might be getting somewhere.
Yesterday the client experienced a disconnect and luckily I managed to capture my side of the traffic.
This is my current setup:
Windows Database << Cisco Firewall << Windows Application Server Running Remote App << WIndows Gateway Server << Proxy Receiving connections on 443 << Cisco ASA Receiving connections on 443
So after they disconnected I had a look at the capture and it matched up perfectly to the capture the client sent me a few days ago, I could see the same exact pattern, they sent a SYN on port 443 to my firewall and it responded with a RST, ACK - it continues for a little while until it connects successfully.
I know for a fact that port 443 was open on my firewall as it was accepting connections for other clients on the same IP Address, using the same Port, using the same Proxy device and same proxy service, so the issue logically would have to be on the either the Gateway server or the Application server not accepting new connections.
There is nothing int the Windows event logs to suggest an issue at the time of the disconnect but I however I did notice that TCP chimney, AutoTuning, Congestion Provider, Task Offloading and ECN Capability on the application server was not set correctly, these should all have been disabled but they were mostly enabled/automatic.
I have disabled these and enabled RSS on the VMXNET3 adapter and within Windows OS to see if it resolves issue.
I will report back if this has fixed it but this is the only thing I can think of at the moment.
| | 2 | No.2 Revision |
I think I might be getting somewhere.
Yesterday the client experienced a disconnect and luckily I managed to capture my side of the traffic.
This is my current setup:
Windows Database << Cisco Firewall << Windows Application Server Running Remote App << WIndows Gateway Server << Proxy Receiving connections on 443 << Cisco ASA Receiving connections on 443
So after they disconnected I had a look at the capture and it matched up perfectly to the capture the client sent me a few days ago, I could see the same exact pattern, they sent a SYN on port 443 to my firewall and it responded with a RST, ACK - it continues for a little while until it connects successfully.
I know for a fact that port 443 was open on my firewall as it was accepting connections for other clients on the same IP Address, using the same Port, using the same Proxy device and same proxy service, so the issue logically would have to be on the either the Gateway server or the Application server not accepting new connections.
There is nothing int in the Windows event logs to suggest an issue at the time of the disconnect but I however I did notice that TCP chimney, AutoTuning, Congestion Provider, Task Offloading and ECN Capability on the application server was not set correctly, these should all have been disabled but they were mostly enabled/automatic.
I have disabled these and enabled RSS on the VMXNET3 adapter and within Windows OS to see if it resolves issue.
I will report back if this has fixed it but this is the only thing I can think of at the moment.
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
