000022093 - Error: '[ct_int_handle_status] - Critical error: CT_SERVER_TIMED_OUT' appears in agent log for RSA ClearTrust Agent 4.0 for Lotus Domino R5 when user accesses protected resource after no users access Lotus Domino for a long time

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022093
Applies ToRSA ClearTrust Agent 4.0 for Lotus Domino R5
IBM AIX 4.3.3
IssueError: "[ct_int_handle_status] - Critical error: CT_SERVER_TIMED_OUT" appears in agent log for RSA ClearTrust Agent 4.0 for Lotus Domino R5 when user accesses protected resource after no users access Lotus Domino for a long time
TCP Packet out of state. First packet isn't SYN message on firewall log.
CauseThe issue occurs because there is a firewall between the Lotus Domino server and the RSA ClearTrust Authorization Server (AServer) that was configured to drop TCP connection after a period of time if no activity is seen. When this occurs, the ClearTrust Agent is unable to recover.
ResolutionThis issue is corrected in hot fix 4.0.0.02 for RSA ClearTrust Agent 4.0 for Lotus Domino R5. Contact RSA Security Customer Support to obtain this hot fix, or the latest hot fix level (which is cumulative, and contains fixes from previous fix levels).

NOTE: After installing the hot fix, the ClearTrust Agent will recover from the firewall disconnection and is likely to log the following type of message in the Domino console log:
 
    <Critical> - [ct_get_map_from_session] - Invalid server address

This should be considered correct behavior for the recovery and is an expected message.
Legacy Article IDa26853

Attachments

    Outcomes