Hello, I'm getting a timeout/"web page unavailable" on a network device i should be able to login via HTTPS. That port is open and I can telnet to 443, so I did a trace. I've attached a trace file. I am the .160 address and the network device is the .115 address (I've anonymized the trace). I really don't understand why the FIN is coming from my machine at packet 6... Here is the trace file: https://drive.google.com/file/d/0B8-kDu5JM-P2NmxPWDltX3Y5dkk/view?usp=sharing Thanks in advance for any help. asked 05 Dec '14, 15:36  patrick_harrold |
2 Answers:
As @mrEEDE said unless you create another capture containing all the traffic (did you sanitise the first in some way by chopping bytes?) it's hard to tell what's going on. My guess is that the server doesn't properly handle something in the client hello, e.g. SSL protocol level or cipher choice, and instead if returning a sensible response, or closing the connection itself, it just isn't responding leading the client to timeout and close the connection. Try making the client use a different ssl level, e.g. drop down if currently using TLS 1.2, or move up if using SSL 3.0. answered 07 Dec '14, 05:59  grahamb ♦ |
You did not trace the full packets so it's hard to comment based on ip/tcp headers only . If the client's 211 bytes is a ClientHello then the server should respond with a ServerHello, which it doesn't. If this is not a ClientHello then the server is right in not responding... Regards Matthias answered 07 Dec '14, 02:32  mrEEde |
Apologies for the late reply. Thank you both for the help.