Help! We converted to a new IBM iSeries (AS400). Since the conversion I can't connect to our EDI trading partner's FTP server using SSL. I sill have access to our old AS400 and it connects fine. However when I attempt to connect with my new server the connection hangs after "234 AUTH TLS successful". In the pcap file, after sending "Client Hello" I get back "TCP Previous segment not captured".
The two AS400 servers are different models, but the OS, user data and configuration was copied and reloaded to the new server. (i.e. a complete scratch load of the OS). So the two system should be identical from an OS perspective.
I asked tech support on the FTP server side to send me a new CA certificate, which I installed. Still didn't help.
Below is a screen capture of the pcap file. (I can't upload attachments yet).
Blockquote 5Ø22 21 Seq—ø Win-65535 Len-e mss-146ø WS-16 TSva1-415Ø3ØØØ TSecr-Ø 21 5Ø22[SYN Ack=l Win=3212ø cen=ø mss=146ø 5Ø22 21 [ACK] Seq=l Ack=l Win-65535 Len=ø Response: 220 104.42.213.85 FTP server ready Request: AUTH TLS 21 5Ø22 [ACK] Seq=37 Ack=ll Win-32110 Response: 234 AUTH TLS successful Client Hello (TCP Previous segment not captured] , Continuation Data [TCP Dup ACK 8±1] 5Ø22 -+ 21 [PSH, ACK] Seq-154 Ack-62 Win-65535 Len-e Continuation Data Dup ACK 8*2] 5Ø22 21 [PSH, Seq=154 Ack=62 Win=6SS3S Len=ø Response: 55B TLS handshake failed Dup ACK 8#3] se22 21 [PSH, Seq-154 Ack-62 Win-6SS35 Len-e 22271 21 [SYN] seq=ø Win-65535 Len-e mss=146ø ws=16 Tsva1=42øueøe Tsecr=ø 21 22271 SYN ACKI Seq=ø Ack=l Win—3212ø Len—e mss=146ø 22271 21 CACKI Seq=l Ack=l Kin-65535 Len-e
