A few days ago a specific site (Outlook Web Access) stopped working.
As usual no change to Mikrotik configuration or OWA server.
After some troubleshooting I found that MT sends back RST packets and stops the connection.
1.png shows the logs from mikrotik
3.png shows that the packets received are invalid (have invalid CRC)
By inserting an iptables rules blocking these TCP-RST packets, with destination the specific IP and port 443, the connection with OWA works fine!
Although Mikrotik detects the packets with invalid “CRC” it does accept them. How this happens ?
Also, why MT sends an RST-TCP packet if packets aren’t really invalid ?
By looking to the forum I found a few relevant topics:
http://forum.mikrotik.com/viewtopic.php?uid=3513&f=2&t=61826&start=0
http://forum.mikrotik.com/t/natted-connections-have-rst-packet-sent-to-lan-for-no-reason/62099/12
and more…
This seems to be a problem that appeared a few times in the past.
Also this problem appeared with MT 4.17. During the test I updated to 5.22 with exactly the same problem.
Thank you