| 3-way handshake not completed [message #118874] |
Mon, 26 January 2015 21:18  |
Gaby
Messages: 34
Registered: March 2010
|
|
|
|
I have Kerio Control firewall with two WAN connections with load balancing. One of it points to an internal mail server (Kerio Connect).
There's a weird behavior here. If you want to access webmail from certain external addresses there is no response (cannot connect). If from the same problematic address you access through the other WAN connection there is no problem.
But, oddly from other addresses there is no problem.
Looking in the debug report I found this error from one problematic address:
[21/Jan/2015 21:53:17] {pktdrop} packet dropped: 3-way handshake not completed (from Internet Telmex, proto:TCP, len:41, 190.97.45.65:65388 -> 200.80.203.43:80, flags:[ ACK ], seq:2586090912 ack:20916154, win:252, tcplen:1)
I believe this is the reason but I'm not completely sure.
Any help will be appreciated.
Thanks in advance.
|
|
|
|
| Re: 3-way handshake not completed [message #118899 is a reply to message #118874] |
Wed, 28 January 2015 04:28  |
mlee (Kerio)
Messages: 211
Registered: October 2012
Location: Sydney
|
|
|
|
To confirm, you can disable the 3-way handshake requirement (Edit /var/winroute/winroute.cfg, change the value of the variable Require3WayHandshake from 1 to 0, reboot Kerio Control)
M.
PTSD. BP. OCD. ASPD. BPD. Certified.
|
|
|
|
|
|
Members
Search
Help
Register
Login
Home
