sipl_aac00
asked on
Sonicwall Connection RST
We are using Sonicwall NSA 220. We have both Linux based system and windows based systems. On the Linux based systems we are using thunderbird as email-client and on the windows based systems we are using outlook as email-client.
Problem:
On the Linux side:
I am unable to send email using thunderbird. Firewall logs show:
11 09/20/2013 11:09:34.096 Debug Network TCP connection abort received; TCP connection dropped 192.168.1.177, 26569, X0 (admin) mail-server:IP, 443, X1 TCP Flag(s): ACK RST
Download for emails is happening successfully without any problems.
When I use the firefox browser on the Linux box, The login goes through, however if I wish to send an email with attachment of 100KB or more, the connection times out. at the same time if I send a simple test-email, then the email goes through.
On the Windows side:
send/receive of emails using outlook as well as firefox/IE is going through without any errors.
Attempts to solve problem:
1. We had attempted to create a DMZ-zone a couple of days back, so to rule out any misconfiguration we have restored old Config from back as of 19-Aug.
Any suggestions on why this would be happening and if we can enable any addition logging to pin-point the problem.
regards
Abhijit
Problem:
On the Linux side:
I am unable to send email using thunderbird. Firewall logs show:
11 09/20/2013 11:09:34.096 Debug Network TCP connection abort received; TCP connection dropped 192.168.1.177, 26569, X0 (admin) mail-server:IP, 443, X1 TCP Flag(s): ACK RST
Download for emails is happening successfully without any problems.
When I use the firefox browser on the Linux box, The login goes through, however if I wish to send an email with attachment of 100KB or more, the connection times out. at the same time if I send a simple test-email, then the email goes through.
On the Windows side:
send/receive of emails using outlook as well as firefox/IE is going through without any errors.
Attempts to solve problem:
1. We had attempted to create a DMZ-zone a couple of days back, so to rule out any misconfiguration we have restored old Config from back as of 19-Aug.
Any suggestions on why this would be happening and if we can enable any addition logging to pin-point the problem.
regards
Abhijit
ASKER
Yes, you are right in stating that the send/recv function via Web-interface and via email-client make use of different ports. The piece we are unable to decipher is how the problem is affecting only linux based system while same/similar operations are working for windows-based system.
Quick note:
Missed mentioning that our mail-server is hosted in Singapore, where as the problem is ocuring in our India office.
The setup was working till 10:00 AM on 18-Sep-2013.
other observations till date:
1. We have tried to do a "telnet" test for various port numbers under use, the connectivity is going through.
2. The timeout happens after 60 seconds.
3. No Selinux or iptables on the linux box.
4. We have asked ISP to check if any abnormalities are observed at his end.
5. If we install a data-card on a linux box, the send-recv works for both firefox/thunderbird. This is pushing us to believe that something seems to be broken at our end only and not at the mail-server end.
Quick note:
Missed mentioning that our mail-server is hosted in Singapore, where as the problem is ocuring in our India office.
The setup was working till 10:00 AM on 18-Sep-2013.
other observations till date:
1. We have tried to do a "telnet" test for various port numbers under use, the connectivity is going through.
2. The timeout happens after 60 seconds.
3. No Selinux or iptables on the linux box.
4. We have asked ISP to check if any abnormalities are observed at his end.
5. If we install a data-card on a linux box, the send-recv works for both firefox/thunderbird. This is pushing us to believe that something seems to be broken at our end only and not at the mail-server end.
If I understand, the problem is that the linux server on you local lan can no longer send email, but any windows system can.
Assuming you can login to the linux server, send a test email as follows and post the result.
mail -v somebody@somewhere.com (use a real address)
This will print the entire sending transaction in verbose mode and will hopefully show the error.
Do you know where the mail and/or syslog is on the linux system, and have you looked at them?
Assuming you can login to the linux server, send a test email as follows and post the result.
mail -v somebody@somewhere.com (use a real address)
This will print the entire sending transaction in verbose mode and will hopefully show the error.
Do you know where the mail and/or syslog is on the linux system, and have you looked at them?
In the log you posted it seems that the connection that was reset, was destined to port 443 (HTTPS).
What SMTP settings did you put in to thunderbird?
Can you please try and setup a google imap/smtp account in thunderbird and try if you can successfully send mail with that account?
What SMTP settings did you put in to thunderbird?
Can you please try and setup a google imap/smtp account in thunderbird and try if you can successfully send mail with that account?
sipl_aac00,
Any update on this?
Any update on this?
Are you still having this issue?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Interesting... this (Fix/ignore malformed TCP headers) is typically used in interacting with systems that use older IP stacks.
ASKER
problem solved
Did this ever work, or is the Sonicwall new?