Hi guys I am trying to diagnose a URL connection issue using wire-shark. We are not blocking planespotters.net on out firewalls / web-sense at all, and we have a route for URL the on firewalls too, but when we go to the URL the page remains blank. I have run a packet capture for this, and i am seeing the application data being sent, followed by all the ACK's, FIN ACK's, and all the usual guys that need to be there for the connection to go through. I have also seen only one line stating : 8919 200.864163 10.55.16.232 104.25.211.5 TLSv1.2 85 Encrypted Alert Not sure what that is or if it could be affecting the connection or not. But i guess what i am trying to ask is: What specifically should i be looking for in order to see successful connections? Or lack there of would indicate un-successfull connection to the URL? Any and all help would be much appreciated, thank you Regards, Ad asked 20 Oct '16, 03:28  UnConNecTed |
One Answer:
Well, that is a very broad question which could be answered by a book on troubleshooting. In your case where a SSL session towards a website (over a websense proxy) is involved one would see in a trace made on the client, the following:
Of course this is just a general idea, analyzing why something is not working would involve looking at the packets. Also, being able to receive data from the proxy down not mean it was the correct data or that it was data that the webbrowser could create a webpage from.
Again, this is too broad to answer. But missing parts of the above list might indicate an issue... answered 20 Oct '16, 04:11  SYN-bit ♦♦ |
