SRX Services Gateway
SRX Services Gateway

Strange reset as session finish

[ Edited ]
05.15.12   |  
‎05-15-2012 01:37 PM

Hi all, I manage some SRX cluster.

Some days we observe tcp reset in connection instead of finish and ack, All communication between server and client is from 8 packets. The 8th packet is in wireshark on server fin+ack. If we exchange firewall ... when client is in LAN only, then we get fin+ack, when the session is created via firewall, then we get 8th packet as tcp reset ...

We do not use security screen nor security flow features. So firewall should not change session establishment or closing? Have you some hint what to check?

 

Thanks V.

 

BTW this look like this PR ... http://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR700301

2 REPLIES
SRX Services Gateway

Re: Strange reset as session finish

05.16.12   |  
‎05-16-2012 09:54 PM

Hi,

 

can you check if the RST is actually generated by firewall or it is coming from client/server?

 

sniffers on both the sides of the firewall should help in this case...

 

AVD

regards,
Avd
JNCIE-SEC #320

Please Mark My Solution Accepted if you think it helped!
SRX Services Gateway

Re: Strange reset as session finish

06.01.12   |  
‎06-01-2012 12:37 PM
Thanks for response. Problem is solved now, bad application settings or config ...