12

Environment,

Web server - Server 2012 R2, IIS 8, ASP.NET application

Firewall Cisco 5515

Un-Managed HP switches, No vlaning

Client has been using Curl from the outside to hit our application.

No one else should be using the server.

Using wireshark i can see, If I have TLS 1.2 enabled, every time they hit the server at the end there is a RST

If i disable TLS 1.2 there is no packet RST and everything looks fine.

What could be causing this?

Please let me know if you need anymore info.

Anthony Fornito
  • 9,526
  • 1
  • 33
  • 122
  • Disable TLS 1.0 and never turn it back on again. It is a deprecated protocol that is no longer safe to use. NIST CVE: https://nvd.nist.gov/vuln/detail/CVE-2011-3389 RedHat KB: https://access.redhat.com/articles/1294573 – HackSlash Nov 13 '17 at 19:20

1 Answers1

13

Are you 100% sure he is not testing with a higher or lower version of TLS, packet resets normally are attributed to the application not knowing what to do with it.

Donna Delour
  • 414
  • 5
  • 10