What causes "reject Internal error(0x33002801)" in the SSLV logs ?

Article Id: 169307

Status: Published

Updated On: 13-05-2017 12:33

Legacy Id: TECH246182

Products:

SSL Visibility Appliance Software

Issue/Introduction:

The follow sample entry is generated in the Syslog :
Dec 16 12:12:12 sslva ssldata[4444]: [A:88888888]* 1111111111 192.168.192.168:59999 -> 199.91.134.151:443 TLS1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 bto.bluecoat.com rule:1 reject Internal error(0x33002801)

Cause:

There was an out-of-bound TCP retransmission in the block cipher boundaries. In this case, SSLV will drop the retransmission and treat it as an internal boundary error.

The error code in question is part of the sanity check for TCP retransmissions.

Resolution:

None.

Workaround

Use stream ciphers instead of block ciphers.