Hi,
Thanks for your attention, We haven't found root cause yet.
------------------------------
tuan nguyen
head of product development - fico
Tien Phong Commercial Joint Stock Bank
HA NOI
------------------------------
Original Message:
Sent: 08-28-2023 09:56
From: Thomas Dao
Subject: Client can't connect TRP site via tunnel with default MTU 1500.
Hi @tuan nguyen,
Do you resolve your problem?
------------------------------
Thomas Dao
Products Consultant
M.Tech Products Pte Ltd
Ha Noi
Original Message:
Sent: 07-10-2023 21:16
From: tuan nguyen
Subject: Client can't connect TRP site via tunnel with default MTU 1500.
Hi,
i already think about it but I don't think it will solve the problem. Because the clients can access non TRP site normally (also SSL traffic), so i think no problem between GW and client, just after GW unpack packet/connection, maybe it changed something make the MTU higher 1500, and load balance/backend dont support that MTU.
Thanks,
------------------------------
tuan nguyen
head of product development - fico
Tien Phong Commercial Joint Stock Bank
HA NOI
Original Message:
Sent: 07-10-2023 09:46
From: Karol Gruszczynski
Subject: Client can't connect TRP site via tunnel with default MTU 1500.
Hi,
Maybe you should increase MTU on GTWs.
Try this:
https://docs.imperva.com/bundle/z-kb-articles-km/page/9b0ff549.html
------------------------------
Karol Gruszczynski
IT Security Expert
Trafford IT Sp. z o.o.
Warsaw
Original Message:
Sent: 07-07-2023 03:13
From: tuan nguyen
Subject: Client can't connect TRP site via tunnel with default MTU 1500.
Hi all,
I have an issue with SecureSphere Gateway with our branches. They can't access to TRP site (transparent reverse proxy) with default MTU. Our branches connect to data center via SSL tunnel.
We have 2 solutions:
- Turn off TRP, GW won't process HTTPS traffic.
- Reduce MTU on branch router or on Window, example 1412.
Anyone know what is diffirent between TRP's and none TRP's MTU ? I think the packet after TRP has MTU bigger 1500 and other device like load balance is not support.
PS: my GW use default MTU = 1500
Thank you.
#On-PremisesWAF(formerlySecuresphere)
------------------------------
tuan nguyen
head of product development - fico
Tien Phong Commercial Joint Stock Bank
HA NOI
------------------------------