This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

We have a weird problem that can only be reproduced with iOS and Mac OSX. The problem occurs when the clients are redirected in a SSL-session which is done from a custom filter in a TMG. Looking at the logs in wireshark we get from the server FIN, ACK and then right after RST, ACK. The last ACK is for a sequence number I cannot find.

The weird thing is that we can only reproduce it with iOS and Mac OSX(and it happens every time). It works fine with windows, ubuntu, windows phone and so on. Has anyone seen these kind of problems with iOS/mac os?

No.     Time           Source             Destination       Protocol Length Info
  1 0.000000000    client-ip          server-ip         TCP      78     50847→443 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=32 TSval=490636520 TSecr=0 SACK_PERM=1
  2 0.009105000    server-ip          client-ip         TCP      74     443→50847 [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1 TSval=103007363 TSecr=490636520
  3 0.009225000    client-ip          server-ip         TCP      66     50847→443 [ACK] Seq=1 Ack=1 Win=131744 Len=0 TSval=490636529 TSecr=103007363
  4 0.010158000    client-ip          server-ip         TLSv1    303    Client Hello
  5 0.030827000    server-ip          client-ip         TLSv1    211    Server Hello, Change Cipher Spec, Encrypted Handshake Message
  6 0.030912000    client-ip          server-ip         TCP      66     50847→443 [ACK] Seq=238 Ack=146 Win=131616 Len=0 TSval=490636550 TSecr=103007365
  7 0.031190000    client-ip          server-ip         TLSv1    72     Change Cipher Spec
  8 0.031195000    client-ip          server-ip         TLSv1    119    Encrypted Handshake Message
  9 0.032129000    client-ip          server-ip         TLSv1    519    Application Data
 10 0.049597000    server-ip          client-ip         TCP      66     443→50847 [ACK] Seq=146 Ack=297 Win=131584 Len=0 TSval=103007367 TSecr=490636550
 11 0.049773000    server-ip          client-ip         TLSv1    343    Application Data
 12 0.049857000    client-ip          server-ip         TCP      66     50847→443 [ACK] Seq=750 Ack=423 Win=131328 Len=0 TSval=490636568 TSecr=103007367
 13 0.053849000    client-ip          server-ip         TLSv1    620    Application Data, Application Data
 14 0.056073000    server-ip          client-ip         TCP      66     443→50847 [FIN, ACK] Seq=423 Ack=750 Win=131072 Len=0 TSval=103007368 TSecr=490636568
 15 0.065695000    server-ip          client-ip         TCP      60     443→50847 [RST, ACK] Seq=424 Ack=1304 Win=0 Len=0
 16 0.295689000    client-ip          server-ip         TLSv1    620    [TCP Window Full] [TCP Retransmission] Application Data, Application Data
 17 0.572773000    client-ip          server-ip         TLSv1    620    [TCP Window Full] [TCP Retransmission] Application Data, Application Data
 18 0.924984000    client-ip          server-ip         TLSv1    620    [TCP Window Full] [TCP Retransmission] Application Data, Application Data
 19 1.430060000    client-ip          server-ip         TLSv1    620    [TCP Window Full] [TCP Retransmission] Application Data, Application Data
 20 2.239149000    client-ip          server-ip         TLSv1    620    [TCP Window Full] [TCP Retransmission] Application Data, Application Data
 21 3.400246000    client-ip          server-ip         TLSv1    620    [TCP Window Full] [TCP Retransmission] Application Data, Application Data
 22 5.521333000    client-ip          server-ip         TLSv1    620    [TCP Window Full] [TCP Retransmission] Application Data, Application Data
 23 7.642410000    client-ip          server-ip         TLSv1    620    [TCP Window Full] [TCP Retransmission] Application Data, Application Data
 24 9.763488000    client-ip          server-ip         TLSv1    620    [TCP Window Full] [TCP Retransmission] Application Data, Application Data
 25 11.884578000   client-ip          server-ip         TLSv1    620    [TCP Window Full] [TCP Retransmission] Application Data, Application Data
 26 14.005664000   client-ip          server-ip         TLSv1    620    [TCP Window Full] [TCP Retransmission] Application Data, Application Data
 27 16.126750000   client-ip          server-ip         TLSv1    620    [TCP Window Full] [TCP Retransmission] Application Data, Application Data
 28 18.247842000   client-ip          server-ip         TCP      54     50847→443 [RST, ACK] Seq=1304 Ack=423 Win=131328 Len=0

asked 01 Dec '14, 04:48

JanBanan's gravatar image

JanBanan
11112
accept rate: 0%

Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×53
×17
×10

question asked: 01 Dec '14, 04:48

question was seen: 1,922 times

last updated: 01 Dec '14, 04:48

p​o​w​e​r​e​d by O​S​Q​A