Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register
Options

DPI-SSL / IPv6 / ChromeOS

MartinDTMartinDT Newbie ✭
in Firewall Security Services

Hi,

Has anyone experienced issues, when using DPI-SSL / IPv6 / ChromeOS devices together?

We are finding that many websites fail to load on ChromeOS, when IPv6 is enabled with DPI-SSL, accessing that on a windows machine works fine.

They will see a “ERR_Connection_reset" message in the browser.

The following is reported in in DPI-SSL connection Failures "Server handshake error-error:00000001:lib(0):func(0):reason(1"

Packet trace has the following. "Ethernet Header Ether Type: IPV6(0x86dd), Src=[00:00:00:00:04:00], Dst=[1a:c2:41:00:2c:39] IPv6 Packet Header Next header: TCP(0x6), Src=[2606:****], Dst=[2a0c:****] TCP Packet Header TCP Flags = [ACK,RST,], Src=[443], Dst=[32792], Checksum=0x662f Application Header HTTPS Value:[1] DROPPED, Drop Code: 738(Packet dropped - cache add cleanup drop the pkt), Module Id: 25(network), (Ref.Id: _2297_dbdifBeeDmfbovq) 12:12)"

I did think it might be a certificate issue, but the correct ones are imported, plus it works on Windows devices, with the above enabled.

I’ve tried the following without luck How can I resolve drop code "Cache Add Cleanup"? | SonicWall

I opened a ticket with support, who were pretty useless and just told me to exclude everything from DPI-SSL, and have now closed the ticket, saying that bypassing DPI-SSL is a working fix, but not really an accepted secure one.

Just wondered if anyone else had a similar setup, who might have seen this, as without a working fix, it seems we will have to keep IPv6 disabled.

Thanks 

Category: Firewall Security Services
Reply
Sign In or Register to comment.