Proxy rejects one ip out of Natted subnet the from the clients end when reaching to my authenticated site. What other methods i can check or do without placing the IP in bypass mode. The other Natted IPs in the range can access the site without any issues and I am able to see they are connected.
1.Check logs and indicated when trying to reaching to authenticated site this error keeps appearing:
Dameon.Alert X.X.X.X ProxySG: 80204 Abnormal receive request termination of connection from local port 40436 to advance forwarded server 198.X.X.X 13 retransmission occured with at least one packet having 13 retransmission(0) SEVERE_ERROR htp_server.cpp 5437
2. When doing a pcap capture and review the logs it shows the client end ip (natted IP) is trying to reach my site ; However, it shows RST termination errors. It doesn't give the full acknowledgement , never starts the hello, or certificate process.
I pulled logs the following logs and no result:
1.SSLDEBUG
2. Policy Trace
3. When I place the "Natted IP" into bypass mode, I was able to see in pcap the full acknowledgment, hello ,and authentication process.
4. Checked my firewall and i see the Natted IP able to reach within my network and going out the network. The only issue it stops at my reverse proxy.
------------------------------
Tekola Wells
------------------------------