gromack
asked on
Problems accessing secure sites
All of a sudden last Friday, users have started having problems accessing some secured (banking, CC processing) sites & I'm not finding any indicators as to why.
I'm running a sonicwall TZ 300 & can't seem to find any info in any log files that would point me in the right direction. when going to certain sites, I just get a waiting for site message on tab & page never loads.
any suggestions?
I'm running a sonicwall TZ 300 & can't seem to find any info in any log files that would point me in the right direction. when going to certain sites, I just get a waiting for site message on tab & page never loads.
any suggestions?
ASKER
Here's a dumb question - where do I enable logging for everything?
I went from a sonicwall that was about 12 years old, running a very much older version of sonic OS & am still learning my way around this new & improved version!
Again, I can't stress enough that all this was working just fine, until Friday. What could have happened to change that?
I went from a sonicwall that was about 12 years old, running a very much older version of sonic OS & am still learning my way around this new & improved version!
Again, I can't stress enough that all this was working just fine, until Friday. What could have happened to change that?
ASKER
If I use a different browser, I'm getting a timed out message
Do you have 2 ISPs setup in the SonicWALL?
ASKER
No
You didn't answer any of my questions...please address those in my first comment so I can help you!
ASKER
Squeaky wheel has left for the day & I got shifted in another direction. Didn't realize I still had support contract on it, too & am calling Sonicwall tech support. Will report back here with the fix.
This might be an obvious thing, but are the time and date on your computers correct? If this is wrong you will get SSL and other security errors.
ASKER
Yeah, they were all ok, as I had tried from several different computers, as well.
ASKER
Changing MTU from 1500 to 1404 seems to have fixed it, will know better in the morning. How could that minor if a change make all the difference & why would this have all of a sudden become an issue? I'm guessing this could have had an affect on email, as well? Mac & iPhone users were having email issues, too.
ASKER
Upon further review, yes, things are back to normal in the office.
My question now is since everything I currently have has been in place for over a year, how/why would this just pop up out of nowhere?
I called ISP, who said MTU on their end is set at 9216. How would 1404 vs 1500 make that big of a difference on my end & should I leave as is, or change to match ISP's?
My question now is since everything I currently have has been in place for over a year, how/why would this just pop up out of nowhere?
I called ISP, who said MTU on their end is set at 9216. How would 1404 vs 1500 make that big of a difference on my end & should I leave as is, or change to match ISP's?
My question now is since everything I currently have has been in place for over a year, how/why would this just pop up out of nowhere?In fact, changing MTU is not the fix - it can't! MTU is all about performance so having the wrong settings would cause a minor degradation of service and since you never changed it the only improvement would be an increase but this setting would not block or in your case free up secure sites.
Here is an article on MTU that may help yu understand it better: https://www.experts-exchange.com/articles/12615/Unstable-Slow-Performing-Networks-or-VPNs-just-go-grocery-shopping.html
I called ISP, who said MTU on their end is set at 9216. How would 1404 vs 1500 make that big of a difference on my end & should I leave as is, or change to match ISP's?Your ISP is using JumboFrames (9216). Read the article attached to dial in your exact MTU.
Even though it may appear to be fixed you have not found root cause yet!
- Are you running DPI-SSL?
- Have you configured Connection Limiters on Source or Destination?
- Make sure your logs are configured to record everything.
- Have you run a Packet Capture yet, if not do so!
- Is this occurring with every HTTPS connection...is it happening on all HTTPS sites?
Obviously something changed - review the change logs (if you have them). Let me know if you have any other questions!
ASKER
I initially thought we were being blocked, but what was happening was connection was timing out, but only on certain sites, online banking & CC processing. SonicWall tech support enabled logging to assist in their troubleshooting of the issue & made that change/fix.
Will read the article to see what optimum MTU should be set at & go from there.
as far as answers to your questions:
1) No
2) No
3) Assuming they aren't doing this by default, then No. This Sonic OS so much more granular than the 10 - 15 year old model I upgraded from, still (trying!) to learn my way around it. If you're wondering how I got it to this point, I had a friend who's got a whole lot more experience with the newer Sonic OS than me & did the upgrade for me.
4) No, can you recommend a good utilty for doing so?
5) Only certain ones, again, it appeared to me that they were timing out because the other end wasn't getting the correct response in a timely manner (?).
Thanks for your follow up!
Will read the article to see what optimum MTU should be set at & go from there.
as far as answers to your questions:
1) No
2) No
3) Assuming they aren't doing this by default, then No. This Sonic OS so much more granular than the 10 - 15 year old model I upgraded from, still (trying!) to learn my way around it. If you're wondering how I got it to this point, I had a friend who's got a whole lot more experience with the newer Sonic OS than me & did the upgrade for me.
4) No, can you recommend a good utilty for doing so?
5) Only certain ones, again, it appeared to me that they were timing out because the other end wasn't getting the correct response in a timely manner (?).
Thanks for your follow up!
I don't know if this is still an issue needing assistance, but...
4) Wireshark would be a solid bet.
5) Have you looked at settings like TCP timeout? In your case, you should look at the LAN > WAN zone: https://www.sonicwall.com/ en-us/supp ort/knowle dge-base/1 7050389405 3692
4) Wireshark would be a solid bet.
5) Have you looked at settings like TCP timeout? In your case, you should look at the LAN > WAN zone: https://www.sonicwall.com/
ASKER
Honestly, the problem has never returned.
Company was sold last Friday, so probably not going to be my uissue to worry about in the future.
Company was sold last Friday, so probably not going to be my uissue to worry about in the future.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Are you running DPI-SSL?
Make sure your logs are configured to record everything.
Have you run a Packet Capture yet, if not do so!
Is this occurring with every HTTPS connection...is it happening on all HTTPS sites?
Obviously something changed - review the change logs.
Let me know if you have any questions!