I had a similar situation with an old PIX firewall. It wasn't SSH...this was HTTP but it was the same thing. The firewall was using a buggy IOS and was resetting connections whenever it felt like it. But only telling one side. This was on an internal DMZ'd network as well....no ISP.
This was a Java application server with ridiculous keepalives, so eventually the server would crash when the firewall decided to drop alot over a short period. -Mike On Fri, Sep 18, 2009 at 9:20 AM, Ian Chard <ian.ch...@ict.ox.ac.uk> wrote: > Hi, > > I'm troubleshooting a very strange problem, where my ssh connection to a > few different OpenBSD machines drops suddenly, with the client machine > receiving a TCP RST from the server. I've taken tcpdump captures on both > sides (in different sessions, so the tcpdump process doesn't die with my > shell), and the OpenBSD machine's capture doesn't log the RST it apparently > sends. > > Now the machines are in a complex network, so it's possible that the packet > is being generated spuriously by something else. My question is: is there > any way that the OpenBSD kernel could sent a TCP RST that is always missed > by tcpdump running on the same machine? > > Thanks for any help > - Ian > > -- > Ian Chard, Senior Unix and Network Gorilla | E: ian.ch...@sers.ox.ac.uk > Systems and Electronic Resources Service | T: 80587 / (01865) 280587 > Oxford University Library Services | F: (01865) 242287
