|Applies To||RSA ClearTrust Agent 3.5 for Apache|
|Issue||RSA ClearTrust Agent 3.5 for Apache cannot reconnect to ClearTrust Server if TCP connection times out on a firewall between ClearTrust Agent and Server|
Error: "Internal Server Error" when accessing web page protected by RSA ClearTrust Agent 3.5 for Apache running on Sun Solaris
Error: "ct_extpool_call_auth_server: return CT_UNREACHABLE_HOST_ERROR" appears in RSA ClearTrust Agent logfile
Error: "ct_int_is_path_protected: set status CT_SERVER_TIMED_OUT" appears in RSA ClearTrust Agent logfile
|Cause||Packet filter or firewall closing idle connections between RSA ClearTrust Agent and Server|
|Resolution||If a firewall is filtering communication between an RSA ClearTrust Agent and Server, it's possible the TCP connection times out (on the firewall) and no subsequent packets are allowed.|
This issue has been resolved in a hot fix for RSA ClearTrust Agent 3.5 for Apache. Contact RSA Security Customer Support to obtain hot fix 18.104.22.168, or request the latest fix level (which is cumulative, and contains fixes from previous fix levels).
NOTE: To use this hot fix, you must know the timeout time for TCP connections on your firewall. Read the Readme file that comes with the hot fix carefully, as it contains important configuration information.
|Legacy Article ID||a27313|