Observing DTLS SSL_write failed logs in nsdebug - SWG tunnel resetting

Question

Hi I am seeing in our client logs a lot of DTLS disconnects, we’ve lowered the MTU to 1300 too!!

2024/05/24 15:03:05.326 stAgentSvc p38ec t3f88 error nsssl.cpp:1093 nsssl DTLS SSL_write failed, err: 336642382, syserr: 0
2024/05/24 15:03:05.326 stAgentSvc p38ec t3f88 error nsssl.cpp:1096 nsssl DTLS SSL_write failed, errStr: error:1410C14E:SSL routines:dtls1_write_app_data_bytes:dtls message too big
2024/05/24 15:03:05.327 stAgentSvc p38ec t3f88 error tunnel.cpp:898 nsTunnel DTLS nsssl_write failed, err: -1
2024/05/24 15:03:05.327 stAgentSvc p38ec t3f88 info nsssl.cpp:681 nsssl nsssl_disconnect enter
2024/05/24 15:03:05.327 stAgentSvc p38ec t3f88 info nsssl.cpp:1140 nsssl DTLS SSL shutdown
2024/05/24 15:03:05.328 stAgentSvc p38ec t3f88 info nsssl.cpp:1164 nsssl DTLS Exit SSL shutdown
2024/05/24 15:03:05.328 stAgentSvc p38ec t3f88 info nsssl.cpp:1606 nsssl DTLS Closing sock 1420
2024/05/24 15:03:05.328 stAgentSvc p38ec td2c info nsssl.cpp:1905 nsssl on socket close for socket 1420
2024/05/24 15:03:05.329 stAgentSvc p38ec td2c info tunnel.cpp:340 nsTunnel DTLS received nsssl_closed, tunnel destroyed
2024/05/24 15:03:05.329 stAgentSvc p38ec t3f88 info nsssl.cpp:698 nsssl nsssl_disconnect exit
2024/05/24 15:03:05.329 stAgentSvc p38ec td2c info nsssl.cpp:705 nsssl DTLS Cleanup SSL

Anyone seen this before?

Fazil · Answer

@focusfocusfocusNetskope support needs to review the debug level logs to reach a conclusion. There have been reported issues with similar log lines on clients running version R111, which have been fixed in version R115.We recommend opening a Netskope support ticket for further details.

Observing DTLS SSL_write failed logs in nsdebug - SWG tunnel resetting

1 reply

Reply

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded