Hi,
Thanks for your replies. Meanwhile we have investigated and found a machine further down the line being reponsible for this. So NAT-time-outs had nothing to do with it. The responsible machine functions as a proxy and is unable to cope with the number of receiving TCP/IP-connections. Hosts up the line send TCP-syn requests, but do not get a reply. After a few efforts the hosts give up which results in a broken pipe being reported to the client.
Thanks again for your help. Regards,
Michel Ludolph
-----Original Message-----
From: Ludolph, Michel
Sent: Friday, January 23, 2004 9:30 PM
To: 'firewall-wizards_at_honor.icsalabs.com'
Subject: Broken pipe on SSL connections
Dear Firewall Wizards,
I have come across a strange problem of which I wonder if it is NAT related:
We establish SSL-connections from a browser (IE) via a Cisco Content Switch to an SSL-accelerator. In between the browser and the Content Switch there is a Firewall with NAT enabled. Under high load (many users connecting simultaneously) we get a lot of Broken Pipe errors on client site, which indicates that the TCP/IP connection is unexpectedly closed.
Has anyone had a simular problem and was it NAT related?
Thanks for your help in advance.
Regards,
Michel Ludolph
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Feb 01 2004
Intro
