Closed Bug 1634642 Opened 6 years ago Closed 5 years ago

PR_CONNECT_RESET_ERROR connecting to a machine on the same subnet

Categories

(Core :: Security: PSM, defect)

72 Branch
defect

RESOLVED INCOMPLETE

People

(Reporter: jedi.nite, Unassigned, NeedInfo)

Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0

Steps to reproduce:

This bug is similar to bug # 1410070
I have a PC; its IP address is 192.168.111.101/24, and I have a network device with IP address 192.168.111.51/24, i.e. both the PC and the network device are on the same local internal private network 192.168.111.0/24.
The network device's web server interface can only be accessed with the secure https://192.168.111.51 URL.

Actual results:

Instead of connecting to the network device's web server interface, I get the following error message:

Secure Connection Failed

An error occurred during a connection to 192.168.111.51. PR_CONNECT_RESET_ERROR

Expected results:

It should connect to the network device's web server interface, because the Firefox parameter security.insecure_field_warning.ignore_local_ip_address is set to true by default. Both the PC and the network device are on the same local internal private network ID 192.168.111.0/24, which is my own home lab, so obviously they are trusted devices. It should not matter what the network ID is, so long as both devices are on the same local network, e.g. if PC = 172.16.16.1/20 and network device = 172.16.31.254/20, it should also work because they are on the same local IP network address ID 172.16.16.0/20.

Alternatively, there should be a way to add exception network IP addresses in the security section of Firefox's options, for advanced users who know what they are doing.

Component: Untriaged → Security
Product: Firefox → Core

What version of Firefox are you running? Also, what are the values of the security.tls.version.* prefs in about:config?

Flags: needinfo?(jedi.nite)

Firefox version 72.0.2 (64-bit)

security.tls.version.enable-deprecated false
security.tls.version.fallback-limit 4
security.tls.version.max 4
security.tls.version.min 1

Flags: needinfo?(jedi.nite)

Try setting security.tls.version.enable-deprecated to true? Also, you should update to the latest version (76).

Flags: needinfo?(jedi.nite)

I'd like to note that security.insecure_field_warning.ignore_local_ip_address doesn't do what you seem to expect. It only affects the front-end display of the insecure password warning and doesn't cause load errors.

Because this bug's Severity has not been changed from the default since it was filed, and its Priority is -- (none), indicating it has not been previously triaged, the bug's Severity is being updated to -- (default, untriaged).

Severity: normal → --

Tried setting security.tls.version.enable-deprecated to true but that did not fix the problem.

I have got around the problem by using Microsoft Internet Explorer 7.0 in a Hyper-V virtual machine.

If possible, I would still like to see some sort of Mozilla Firefox solution.

Flags: needinfo?(jedi.nite)

Tried setting security.tls.version.enable-deprecated to true but that did not fix the problem.

I have got around the problem by using Microsoft Internet Explorer 7.0 in a Hyper-V virtual machine running Windows XP SP2.

If possible, I would still like to see some sort of Mozilla Firefox solution.

Can you capture a packet trace of Firefox attempting to connect to the server and upload it here? Thanks!

Flags: needinfo?(jedi.nite)

> This bug is similar to bug # 1410070

This bug is not similar to bug 1410070. The local-ip-address pref is a red herring as mentioned in comment 4: only affects UI display for password fields and is not used when making network connections.

Component: Security → Security: PSM
Summary: security.insecure_field_warning.ignore_local_ip_address still not working → PR_CONNECT_RESET_ERROR connecting to a machine on the same subnet
Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Resolution: --- → INCOMPLETE
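
A handshake probe for the kind of failure discussed in this bug, added here as an illustration and not code from the bug or from Mozilla: it pins one TLS version per attempt, keyed by the numbering of the security.tls.version.min/max prefs quoted above (1 = TLS 1.0 through 4 = TLS 1.3), and reports which attempts end in a TCP reset. The function names, the `DEFAULT:@SECLEVEL=0` cipher string and the disabled certificate checks are assumptions chosen for diagnosing a device in your own lab.

```python
import socket
import ssl
import sys
import warnings

# Firefox's security.tls.version.min/max numbering: 1 = TLS 1.0 ... 4 = TLS 1.3.
PREF_TO_VERSION = {
    1: ssl.TLSVersion.TLSv1,
    2: ssl.TLSVersion.TLSv1_1,
    3: ssl.TLSVersion.TLSv1_2,
    4: ssl.TLSVersion.TLSv1_3,
}

def try_version(host, port, version, timeout=5.0):
    """Attempt one handshake pinned to a single TLS version; return an outcome string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # diagnostic only: the device is reached by IP
    ctx.verify_mode = ssl.CERT_NONE   # and usually presents a self-signed certificate
    try:
        with warnings.catch_warnings():
            warnings.simplefilter("ignore", DeprecationWarning)
            ctx.set_ciphers("DEFAULT:@SECLEVEL=0")  # assumption: permit legacy suites
            ctx.minimum_version = version
            ctx.maximum_version = version
    except (ValueError, ssl.SSLError) as exc:
        return f"not testable with local OpenSSL: {exc}"
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw) as tls:
                return f"ok: {tls.version()} {tls.cipher()[0]}"
    except ConnectionResetError:
        return "reset"                # the condition Firefox shows as PR_CONNECT_RESET_ERROR
    except ssl.SSLError as exc:       # alert from the peer, or a local protocol refusal
        return f"tls failure: {exc.reason or exc}"
    except OSError as exc:            # refused, timed out, unreachable
        return f"network failure: {exc}"

def probe(host, port=443, timeout=5.0):
    """Map each pref value (1..4) to the outcome of a handshake at that version."""
    return {pref: try_version(host, port, ver, timeout)
            for pref, ver in PREF_TO_VERSION.items()}

if __name__ == "__main__" and len(sys.argv) > 1:
    for pref, outcome in probe(sys.argv[1]).items():
        print(f"pref value {pref} ({PREF_TO_VERSION[pref].name}): {outcome}")
```

If every version in the range between security.tls.version.min and security.tls.version.max returns "reset", a packet trace of the first attempt is the next thing to collect, as requested in the bug.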