FIXED Was a problem with smart defense center altering the packet. Thanks for the quick reply.
wolfoftheair wrote: > > Please test against 0.9.8h; 0.9.8a is nearly 3 years old at this point. > > -Kyle H > > On Mon, Aug 25, 2008 at 8:55 AM, firelight <[EMAIL PROTECTED]> > wrote: >> >> Openssl version: 0.9.8a >> Objective: secure FTP (SFTP) w/o pasv >> >> Everything works with self signed cert if client that is going to connect >> is >> located ONLY on the same subnet. >> >> If I try to connect a client to the server from outside the subnet, ie. >> internet client user, I get a "decryption failed or bad record mac" >> error. >> >> Scenario: >> client (public ip) tries to connect to server (non-route able ip on DMZ >> with >> public IP forwarded). Won't work. >> client (non-route able ip on DMZ) tries to connect to server. Does work. >> >> Is there a mechanism inside OpenSSL that doesn't allow cert pass through >> if >> client isn't on the same subnet? Is this a bug? >> -- >> View this message in context: >> http://www.nabble.com/decryption-failed-or-bad-record-mac-tp19146541p19146541.html >> Sent from the OpenSSL - User mailing list archive at Nabble.com. >> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager [EMAIL PROTECTED] >> > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > > -- View this message in context: http://www.nabble.com/decryption-failed-or-bad-record-mac-tp19146541p19149429.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
