This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Is there a problem with following pcap

0

Hi there

I have a https listener running, supporting many clients. How ever one client cannot connect. I ran a network capture and got following. Can anyone advise what problem is?

screen shot

Is it something to so with cipher suites? I really appreciate any help here. Lost several days on this already.

asked 11 Jan '16, 08:08

edmondH's gravatar image

edmondH
6112
accept rate: 0%

FYI: the screenshot is not visible.

Furthermore, it's almost impossible to do packet analysis based on screenshots. Please upload the pcap file somewhere (google drive, dropbox, etc.) and post the link here.

(11 Jan '16, 08:11) Kurt Knochner ♦

sorry... here is screen shot

alt text

(11 Jan '16, 08:11) edmondH

Hi Kurt

Thanks for your help. Can u access it here?

https://drive.google.com/open?id=0B4e9GWrGlxl3azFMUnRpcl9KVkk

(11 Jan '16, 08:26) edmondH

It looks like the conversation breaks down after packet 39 where you attempt the TLSv1 handshake. Is your application using TLSv1 or a different version such as TLSv1.2, etc? From this first look I would guess it's due to TLS versioning or your ciphers.

(11 Jan '16, 08:51) csereno