ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
What causes "reject Internal error(0x33002801)" in the SSLV logs ?
Article ID: 169307
Updated On:
Products
SSL Visibility Appliance Software
Issue/Introduction
The follow sample entry is generated in the Syslog :
Dec 16 12:12:12 sslva ssldata[4444]: [A:88888888]* 1111111111 192.168.192.168:59999 -> 199.91.134.151:443 TLS1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 bto.bluecoat.com rule:1 reject Internal error(0x33002801)
Dec 16 12:12:12 sslva ssldata[4444]: [A:88888888]* 1111111111 192.168.192.168:59999 -> 199.91.134.151:443 TLS1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 bto.bluecoat.com rule:1 reject Internal error(0x33002801)
Cause
There was an out-of-bound TCP retransmission in the block cipher boundaries. In this case, SSLV will drop the retransmission and treat it as an internal boundary error.
The error code in question is part of the sanity check for TCP retransmissions.
The error code in question is part of the sanity check for TCP retransmissions.
Resolution
None.
Workaround
Use stream ciphers instead of block ciphers.Feedback
Yes
No
Powered by
