HTTPS Websites not reachable - "Ignored Unknown Record" in WireShark
03/26/2020 16 20242
Some HTTPs website (but it could happen also with the HTTP Websites) is not reachable even if the Security Services are all disabled.
The packets are shown in the Packet Capture as 'Ignored Unknown Record" or "TCP (Spurious) Retransmission".
The issue may be caused by the MTU size of the packets being sent/received by the SonicWall.
If the MTU size set up on the WAN Interface is bigger than the real MTU size provided by the ISP, the packet with length bigger than the real MTU size will lose some bytes. Following that, in an encrypted protocol (TLS, SSL) this can cause a packet fragmented or not complete.
Check your correct MTU size, following How to change the MTU size.
After checking your MTU and changing it on your WAN Interface, you should see the traffic correctly forwarded without any retransmission or Unknown Record.