0

I receive the following error after trying to log in to a secure website using Firefox 36.0.4. (Error code: ssl_error_bad_mac_read). The error does not occur when I hit the page, but rather after I enter my credentials and click login.

This issue began occurring starting with Firefox version 35. It does not occur using any version of IE or Chrome. I do NOT receive this error if I go into the Firefox config and set the security.tls.version.max = 2. (The default value for security.tls.version.max is 3). This indicates to me that TLSv1.1 and lower work fine.

This specific issue only occurs when my internet traffic goes out through my office firewall and then in through a remote site's F5 1600 load balancer where the web server lives. This issue does not occur if I hit the website locally (local IP) which would come in behind the F5. This issue also does not occur if I access the website outside the office. This issue can be re-created using any browser on any OS (Mac, Linux, and Windows).

The following conditions have to be true for this issue to occur:

a.)The web traffic has to go through BOTH the Fortigate 200d firewall and the F5.

b.)Using Firefox 35 and up

c.)Using the default browser TLS settings

Fortigate Firmware Version: v5.2.2,build642 (GA) BigIP- F5 LTM 1600 Firmware Version: 11.4.0

Mike Hatfield
  • 1
  • 2

1 Answers1

0

This is problably associated with function "SSL/TLS Inspection" on Forintet router/firewall. This functions tries to encrypt and decrypt TLS traffic, and it does something wrong in TLS negotiation (it modyfied "Client Hello" or "Server Hello" message, in place about TLS versions).

In my case, solution was to disable this function on router Fortingate.

Jack
  • 875
  • 7
  • 9