I’m running the latest version of vSZ-H (3.6) in the lab with a couple of R500 access points, which are connected via a (IPv6) router. There is no firewall. Both firmware images on both access points are version 3.6.1.0.354.
One of the access points can no longer establish an SSH tunnel with the vSZ, while the other can. Wireshark shows the (first) access point sending a TLS client hello to the vSZ, the vSZ replying with a TLS server hello, certificate, certificate request, and server hello done and then nothing until the access point sends a TCP reset and the process starts again.
However, when I connect the access point to the same subnet as the vSZ, the problem disappears.
Does anyone know what the problem is?
