FW: Broken pipe on SSL connections

["Ludolph, Michel" <Michel.Ludolph () atosorigin com>]

Hi,

Thanks for your replies. Meanwhile we have investigated and found a machine further down the line being reponsible for 
this. So NAT-time-outs had nothing to do with it. The responsible machine functions as a proxy and is unable to cope 
with the number of receiving TCP/IP-connections. Hosts up the line send TCP-syn requests, but do not get a reply. After 
a few efforts the hosts give up which results in a broken pipe being reported to the client.

Thanks again for your help. Regards,

Michel Ludolph

-----Original Message-----
From: Ludolph, Michel 
Sent: Friday, January 23, 2004 9:30 PM
To: 'firewall-wizards () honor icsalabs com'
Subject: Broken pipe on SSL connections


Dear Firewall Wizards, 

I have come across a strange problem of which I wonder if it is NAT related: 

We establish SSL-connections from a browser (IE) via a Cisco Content Switch to an SSL-accelerator. In between the 
browser and the Content Switch there is a Firewall with NAT enabled. Under high load (many users connecting 
simultaneously) we get a lot of Broken Pipe errors on client site, which indicates that the TCP/IP connection is 
unexpectedly closed.

Has anyone had a simular problem and was it NAT related? 

Thanks for your help in advance. 

Regards, 

Michel Ludolph 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards