Skip to main content
mcdaniels
mcdaniels
New Member
October 22, 2020
Question

PR_CONNECTION_RESET_ERROR only happening @ one provider

  • October 22, 2020
  • 1 reply
  • 17163 views

Hi folks,

I am trying to find a problem which suddenly appeared today. We have not changed any configurations at our network.

Suddenly websites, hosted at  one austrian provider, where our homepage is hosted do not open anymore.

 

Only giving a:  PR_CONNECT_RESET_ERROR in Firefox and do not open in Edge too.

 

Sites are doing this, when I try via curl:

curl -vv https://www.pc-howto.com
* Rebuilt URL to: https://www.pc-howto.com/
* Trying 81.19.159.68...
* TCP_NODELAY set
* Connected to www.pc-howto.com (81.19.159.68) port 443 (#0)
* schannel: SSL/TLS connection with www.pc-howto.com port 443 (step 1/3)
* schannel: checking server certificate revocation
* schannel: sending initial handshake data: sending 181 bytes...
* schannel: sent initial handshake data: sent 181 bytes
* schannel: SSL/TLS connection with www.pc-howto.com port 443 (step 2/3)
* schannel: failed to receive handshake, SSL/TLS connection failed
* Closing connection 0
* schannel: shutting down SSL/TLS connection with www.pc-howto.com port 443
* Send failure: Connection was aborted
* schannel: failed to send close msg: Failed sending data to the peer (bytes written: -1)
* schannel: clear security context handle
curl: (35) schannel: failed to receive handshake, SSL/TLS connection failed

 

If I try outside our network (without our Fortigate) it works.

 

If I turn off all filters @ the policy used for my client the connection is still not working.

 

I am running out of ideas now.

 

Any help, hint or tip is very welcome....

    1 reply

    boneyard
    boneyard
    Valued Contributor
    October 22, 2020

    mcdaniels wrote:

    If I try outside our network (without our Fortigate) it works.

    you are still coming from the same IP address as when you are coming from the FortiGate?

     

    if you are going from another network can you check if your not working traffic arives at the server?

     

    im kinda expecting an issue at the other side here, but you need to see how to confirm that.

    mcdaniels
    mcdanielsAuthor
    New Member
    October 22, 2020

    Hi,

     

    I am coming over 4G connection from smartphone for example (not the same ip) -> then it works.

     

    I have very limited access to the logs (of the website-hoster). I have to doublecheck it.

     

    A friend of mine is coming from a completly other network -> it works.

     

    If the situation is: mynetwork -> fortigate -> my provider -> webspaceprovider -> it is not working.

     

    If I use: single pc -> my provider -> webspaceprovider -> it works

     

    This is the log of whireshark - another website, same hoster, same behavior (If I see it right the RST is coming from the hosters-side):

     

     

    boneyard
    boneyard
    Valued Contributor
    October 22, 2020

    it is difficult to say for sure, but there is a chance the hoster is blocking you for some reason. as you have a website there i would at least reach out and ask them to check.

     

    where is that capture taken? if it is on the fortigate then yes it might be the hoster. if it is on a client then it could also be the fortigate.

     

    does the fortigate logging show anything for these requests?

    Terms & ConditionsAccessibility statement