HTTPS Websites not reachable - "Ignored Unknown Record" in WireShark

Description

Some HTTPs website (but it could happen also with the HTTP Websites) is not reachable even if the Security Services are all disabled.

The packets are shown in the Packet Capture as 'Ignored Unknown Record" or "TCP (Spurious) Retransmission".

 

 

Cause

The issue may be caused by the MTU size of the packets being sent/received by the SonicWall.

If the MTU size set up on the WAN Interface is bigger than the real MTU size provided by the ISP, the packet with length bigger than the real MTU size will lose some bytes. Following that, in an encrypted protocol (TLS, SSL) this can cause a packet fragmented or not complete.

Resolution

Check your correct MTU size, following How to change the MTU size.

 

After checking your MTU and changing it on your WAN Interface, you should see the traffic correctly forwarded without any retransmission or Unknown Record.

Related Articles

  • SonicWall UTM throws an error : " Invalid Authentication " Error: SN and EPAID Do Not Match
    Read More
  • Firewall logs show frequent probe status changes after upgrade
    Read More
  • SSO Agent 4.0: Installation, Configurations, and troubleshooting
    Read More

Categories

Firewalls
TZ Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall NSA Series
not finding your answers?
Ask the Community
was this article helpful?
YesNo