[afnog] https through NAT

Stephane Bortzmeyer bortzmeyer at nic.fr
Mon Oct 8 10:53:02 UTC 2012


On Mon, Oct 08, 2012 at 10:13:32AM +0000,
 abel ELITCHA <kmw.elitcha at gmail.com> wrote 
 a message of 132 lines which said:

> i get this output with the openssl s_client
> 
> CONNECTED(00000003)

It means the TCP handshake was done. So, it is not a layer-3 issue,
you can go to the site.

> write:errno=104

Bad ("Connection reset by peer")

> SSL handshake has read 364 bytes and written 0 bytes
> ---
> New, (NONE), Cipher is (NONE)

Bad, bad. When it works, it should be something like (try with another
site, to see):

SSL handshake has read 3092 bytes and written 518 bytes
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA

I strongly suspect that there is a broken middlebox (firewall, etc.)
somewhere between your client and this server. It broke the TCP
session as soon as TLS negotiation started. DPI device, maybe.
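
Added example, not part of the original message: a small Python triage of `openssl s_client` text output that applies the reading given above (CONNECTED means TCP is up, errno 104 is a reset, "Cipher is (NONE)" means nothing was negotiated). The function name `triage`, the verdict labels and the two embedded transcripts are constructed for illustration.

```python
import re

# Constructed transcripts modelled on the two s_client outputs quoted in the message.
FAILED = """CONNECTED(00000003)
write:errno=104
SSL handshake has read 364 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
"""
WORKING = """CONNECTED(00000003)
SSL handshake has read 3092 bytes and written 518 bytes
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
"""

def triage(transcript):
    """Return (verdict, findings) for the text output of `openssl s_client`."""
    findings = []
    tcp_ok = re.search(r"^CONNECTED\(", transcript, re.M) is not None
    findings.append("TCP handshake completed" if tcp_ok else "no TCP connection")
    err = re.search(r"^(?:read|write):errno=(\d+)", transcript, re.M)
    if err:
        note = " (connection reset by peer)" if err.group(1) == "104" else ""
        findings.append(f"socket error errno={err.group(1)}{note}")
    size = re.search(r"handshake has read (\d+) bytes and written (\d+) bytes", transcript)
    if size:
        findings.append(f"handshake read {size.group(1)} bytes, wrote {size.group(2)} bytes")
    cipher = re.search(r"Cipher is (\S+)", transcript)
    negotiated = cipher is not None and cipher.group(1) != "(NONE)"
    findings.append(f"cipher: {cipher.group(1) if cipher else 'not reported'}")
    if not tcp_ok:
        verdict = "network"                 # never got a TCP session at all
    elif negotiated and not err:
        verdict = "ok"
    elif err:
        # TCP was fine but the session was torn down mid-handshake:
        # the pattern that points at a device on the path.
        verdict = "reset-during-handshake"
    else:
        verdict = "handshake-failed"
    return verdict, findings

if __name__ == "__main__":
    for name, text in (("failed", FAILED), ("working", WORKING)):
        verdict, findings = triage(text)
        print(name, "->", verdict)
        for line in findings:
            print("   ", line)
```

Running the same triage on output captured from a second vantage point (a host outside the NAT) shows whether the reset follows the network path or the server.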





