Brocade ADX: SSL Sessions fail when using CSW & Reverse Proxy

Symptoms

You may find that when SSL termination and a CSW policy are both enabled, your SSL session fails because the ADX issues a RST back to the client.
When running a URL debug via rcon you see the following:

URL: process client packet return error CSW_PARSE_ERROR_MAX_MEMORY[80] ???
Free multiple stored packets.
HTTP Split State: Waiting Headers!
HTTP Split State: Incomplete message, waiting for more …
>> Above Repeated 25 times <<
URL: process client packet return error CSW_PARSE_ERROR_MAX_MEMORY[80] ???

Issue

This can occur due to a bug in 12.3.1d where the ADX may send a RST back to the client if the client request spans more than 25 SSL records.
Typically this bug is observed in solutions where a reverse proxy is acting as the client, due to the way in which the SSL records are split.
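
As an added example (not from the original article or from Brocade), the Python below counts the TLS application-data records in the client-to-ADX bytes of a single request and compares the count with the 25-record threshold described above. The function names, the record sizes in the constructed sample, and the assumption that one request's bytes have already been isolated from a capture are illustrative.

```python
import struct

APPLICATION_DATA = 23   # TLS record content type carrying the encrypted request
ADX_RECORD_LIMIT = 25   # threshold stated in the article for 12.3.1d
HEADER_LEN = 5          # content type (1) + version (2) + length (2)


def parse_tls_records(stream: bytes):
    """Return [(content_type, payload_length), ...] for each complete record."""
    records, offset = [], 0
    while offset + HEADER_LEN <= len(stream):
        ctype, _version, length = struct.unpack_from("!BHH", stream, offset)
        if not 20 <= ctype <= 24:  # outside the defined TLS content types
            raise ValueError(f"not a TLS record at offset {offset}")
        if offset + HEADER_LEN + length > len(stream):
            break  # last record is cut off in the capture; ignore it
        records.append((ctype, length))
        offset += HEADER_LEN + length
    return records


def app_data_record_count(stream: bytes) -> int:
    """Number of application-data records the request was split into."""
    return sum(1 for ctype, _ in parse_tls_records(stream)
               if ctype == APPLICATION_DATA)


def exceeds_adx_limit(stream: bytes, limit: int = ADX_RECORD_LIMIT) -> bool:
    """True if the request spans more records than the article's threshold."""
    return app_data_record_count(stream) > limit


def build_sample(total_len: int, chunk: int) -> bytes:
    """Constructed input: total_len dummy bytes split into chunk-sized records."""
    out = b""
    for start in range(0, total_len, chunk):
        size = min(chunk, total_len - start)
        header = struct.pack("!BHH", APPLICATION_DATA, 0x0303, size)
        out += header + b"\x00" * size
    return out


if __name__ == "__main__":
    # Same 4000-byte request, split two ways (chunk sizes are assumptions).
    for label, chunk in (("large records", 4096), ("small records", 128)):
        stream = build_sample(4000, chunk)
        print(label, app_data_record_count(stream), exceeds_adx_limit(stream))
```

The record headers are sent in the clear, so the count can be taken from a packet capture without decrypting the session.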

Solution

To resolve this issue you can either disable the CSW policy or upgrade to version 12.4.00b.

Rick Donato
