ASA 5510 v8.02 Reassembly limit of 8192 exceeded

Unanswered Question
Sep 20th, 2007
User Badges:

When viewing a video using port 554 from inside to a server in the DMZ, I get this error. If you view from the outisde, it works fine. Below is the full syslog meesage. Any suggestions?


4 Sep 20 2007 15:48:24 507001 192.168.10.10 DMZ-WEB-SERVER Terminating TCP-Proxy connection from Inside:192.168.10.10/1879 to DMZ:DMZ-WEB-SERVER/554 - reassembly limit of 8192 bytes exceeded

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
tstanik Wed, 09/26/2007 - 13:13
User Badges:
  • Bronze, 100 points or more

This message is displayed when reassembly buffer limit is exceeded during assembling TCP segments. This usually happens due to an inspection engine (or fixup) trying to reassemble a segment for deeper inspection (instead of forwarding the packets to the destination host). If you have configured any class map to have any tcp traffic using ports 11000-65535 inspected by the h323 and h225 fixups, try disabling it.

afredriksson Fri, 01/11/2008 - 07:39
User Badges:

Hi!

I get the exact same error using 5510 v8.0(3). Is there a solution to this problem?

mikeahrens Thu, 02/07/2008 - 13:35
User Badges:

Has anyone found further info about this?

I am in the same situation with a 5540 v8.0(3)

Ours does not have any class-maps defined (other than the _default_xxx - that you can't edit/disable anyway). I don't think I know what a 'fixup' is, so any enlightenment there would be appreciated.

its-system Fri, 05/08/2009 - 02:23
User Badges:

Short fix is to disable inspection of RTSP. Fixup is telling the Pix/ASA to do deep packet inspection to see if the segments match the protocol-sequence.

If you're not familiar with the fixup-commands, but work with the GUI, you can go to "service policy rules" -> rule action -> protocol inspection and deselect RTSP.

Actions

This Discussion