Wireshark PCAP Query
Hello. I'm currently into an issue whereby internal LAN users are experiencing extremely slow response times and performance when accessing an external website. When this website is accessed from a non-network environment it works fine which points to it being an issue on our network.
From the errors I'm seeing in Chrome Developer tools, the issue seems to be pointing to the proxy server.
Summary below: External website: 213.212.88.203 Proxy Gateway: 10.20.148.100
I've made a couple of changes this morning. I've enabled an 'Any' rule for the purposes of testing. Also, on the proxy, I've set a static bypass on the proxy for all traffic going to the external website. So in theory, it should all be hitting the firewall rule and being allowed out.
I ran a packet capture this morning and noticed TCP syn is set to 1. Is this correct? Can anyone see any other issues in this pcap file that I may be missing?
Any assistance would be gratefully received.
Many thanks B
Can you put the pcap on a file sharing site and post a link to it here.
Hi bubba
Many thanks for your response. Here's link to the pcap file https://www.dropbox.com/s/o9o61v0p4er...
Many thanks B
The capture was on the output side of the proxy?
What was the input to the proxy - was this a single client trying to reach the server?
Yes thats right, its the outside of the proxy. On the inside of the proxy, ive set a static bypass for all traffic going to that destination. I will run another trace from the inside shortly and add the link. Does the pcap Ive added look all ok?
@balcee
I've moved your "answers" to be comments under the question, see the help and FAQ links for more info about how this Q&A site operates.