Sonicwall TZ-600 or SSL Issue, one site non-accessible

By xendrome
in Smart Home, Network & Security

 Share

Recommended Posts

Grand Master

Haggis Veteran

Posted
  • Veteran
Posted

Not available

 

when i try to ping i also get

$ ping http://www.swdirectconnect.com
ping: unknown host http://www.swdirectconnect.com
Link to comment
Share on other sites
Grand Master

Haggis Veteran

Posted
  • Veteran
Posted

still nothing and all is well in my network

haggis@haggis-laptop ~ $ ping http://secure.swdirectconnect.com
ping: unknown host http://secure.swdirectconnect.com

haggis@haggis-laptop ~ $ ping google.com
PING google.com (216.58.210.14) 56(84) bytes of data.

64 bytes from lhr08s06-in-f14.1e100.net (216.58.210.14): icmp_seq=1 ttl=58 time=23.1 ms
Link to comment
Share on other sites
Grand Master

DaveLegg Developer

Posted
  • Developer
Posted

 

still nothing and all is well in my network

haggis@haggis-laptop ~ $ ping http://secure.swdirectconnect.com
ping: unknown host http://secure.swdirectconnect.com

haggis@haggis-laptop ~ $ ping google.com
PING google.com (216.58.210.14) 56(84) bytes of data.

64 bytes from lhr08s06-in-f14.1e100.net (216.58.210.14): icmp_seq=1 ttl=58 time=23.1 ms

 

You need to take the http bit off to ping, just use the hostname

Link to comment
Share on other sites
Grand Master

Haggis Veteran

Posted
  • Veteran
Posted

You need to take the http bit off to ping, just use the hostname

 

 

good shout

haggis@haggis-laptop ~ $ ping secure.swdirectconnect.com
PING secure.swdirectconnect.com (68.68.208.40) 56(84) bytes of data.

just sits there for ages doing nothing same without the secure.

Link to comment
Share on other sites
Grand Master

xendrome

Posted
  • Author
Posted

Ok gotcha, the site may be Geo-IP filtering Scotland. So not surprised. The admin at the other end is using a Sonicwall also and I know he told me he had Geo-IP filtering enabled.

Link to comment
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

Dude if x1 is your interface on the outside -- your seeing RST there.. So they sent it

*Packet number: 9*

Header Values:

Bytes captured: 54, Actual Bytes on the wire: 54

Packet Info(Time:06/07/2015 11:44:55.800):

in:X1*(interface), out:X0, Forwarded, 2:2)

Ethernet Header

Ether Type: IP(0x800), Src=[ac:b3:13:0f:86:77], Dst=[18:03:73:49:24:2f]

IP Packet Header

IP Type: TCP(0x6), Src=[68.68.208.40], Dst=[172.16.50.210]

TCP Packet Header

TCP Flags = [ACK,RST,], Src=[443], Dst=[57612], Checksum=0x6d9

Link to comment
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

They are clearly sending you RST it would seem. Which means I don't want to talk to you close this session.. Not a fin, hey I am done talking you done -- but RST

I would contact them, tell them to for starters fix their horrific HTTPS setup.. It is just pathetic.. And while your at it ask them why they are sending you RST when you connect from IP X, but not a problem from IP Y, etc..

Link to comment
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

yeah that data just shows the same thing - they are sending you RST.. The duplicates are because your sniffing on both interfaces and seeing packets twice is what it looks like to me.

 

You seeing same packets from 18:b1:69:07:89:14, and :1e

 

And even the one that works looks horrific with retrans and why so many duplicate packets.. Now sure if it is how you sniffed on the out of order and duplicates, but there are retrans in there as well.

Link to comment
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.