Brocade ADX: SSL Sessions fail when using CSW & Reverse Proxy


You may find that when enabling SSL (termination) and a CSW policy your SSL session fails due to the ADX issuing a RST back to the client.
When running a url debug via rcon you see the following :

URL: process client packet return error CSW_PARSE_ERROR_MAX_MEMORY[80] ???
Free multiple stored packets.
HTTP Split State: Waiting Headers!
HTTP Split State: Incomplete message, waiting for more …
>> Above Repeated 25 times <<
URL: process client packet return error CSW_PARSE_ERROR_MAX_MEMORY[80] ???


This can occur due to a bug with 12.3.1d were the ADX may send a RST back to the client if the client request spans more that 25 SSL records.
Typically this bug is observed in solutions where a reverse proxy is acting as the client due to the way in which the SSL records are split.


To resolve this issue you can either disable the CSW policy or upgrade to version 12.4.00b.

Rick Donato

Want to become a networking expert?

Here is our hand-picked selection of the best courses you can find online:
Cisco CCNA 200-301 Certification Gold Bootcamp
Complete Cyber Security Course – Network Security
Internet Security Deep Dive course
Python Pro Bootcamp
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial