What causes "reject Internal error(0x33002801)" in the SSLV logs ?
Article ID: 169307
SSL Visibility Appliance Software
The follow sample entry is generated in the Syslog :
Dec 16 12:12:12 sslva ssldata: [A:88888888]* 1111111111 192.168.192.168:59999 -> 188.8.131.52:443 TLS1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 bto.bluecoat.com rule:1 reject Internal error(0x33002801)
There was an out-of-bound TCP retransmission in the block cipher boundaries. In this case, SSLV will drop the retransmission and treat it as an internal boundary error.
The error code in question is part of the sanity check for TCP retransmissions.
WorkaroundUse stream ciphers instead of block ciphers.