Something that I can not fully understand:
Firewall stands between Client and Server, Client working with any application on Server side through usual HTTPS session. They talking, exchange data... after small pause (1-2 min, not longer) RST-ACK packet suddenly sent from Client to Server.
And FW drop it because the packet "doesn't SYN" (I see many of them all in the LOG)!?
Why? How FW knows BEFORE Client that session was closed/terminated?
Client doesn't know this. Client may be mentioned that smth wrong in the session and wants to close it (RST). Why FW intercepts? The timeout for dead sessions is 1Hour (by CP default) and 1-2 minutes of silence is very-very far from 1Hour...
Any guru explanations will be appreciated,