05-15-2012 01:37 PM - edited 05-15-2012 01:43 PM
Hi all, I manage some SRX cluster.
Some days we observe tcp reset in connection instead of finish and ack, All communication between server and client is from 8 packets. The 8th packet is in wireshark on server fin+ack. If we exchange firewall ... when client is in LAN only, then we get fin+ack, when the session is created via firewall, then we get 8th packet as tcp reset ...
We do not use security screen nor security flow features. So firewall should not change session establishment or closing? Have you some hint what to check?
BTW this look like this PR ... http://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR700301
05-16-2012 09:54 PM
can you check if the RST is actually generated by firewall or it is coming from client/server?
sniffers on both the sides of the firewall should help in this case...
Please Mark My Solution Accepted if you think it helped!