cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
878
Views
0
Helpful
4
Replies

ASA 5510 v8.02 Reassembly limit of 8192 exceeded

htacisocnet
Level 1
Level 1

When viewing a video using port 554 from inside to a server in the DMZ, I get this error. If you view from the outisde, it works fine. Below is the full syslog meesage. Any suggestions?

4 Sep 20 2007 15:48:24 507001 192.168.10.10 DMZ-WEB-SERVER Terminating TCP-Proxy connection from Inside:192.168.10.10/1879 to DMZ:DMZ-WEB-SERVER/554 - reassembly limit of 8192 bytes exceeded

4 Replies 4

tstanik
Level 5
Level 5

This message is displayed when reassembly buffer limit is exceeded during assembling TCP segments. This usually happens due to an inspection engine (or fixup) trying to reassemble a segment for deeper inspection (instead of forwarding the packets to the destination host). If you have configured any class map to have any tcp traffic using ports 11000-65535 inspected by the h323 and h225 fixups, try disabling it.

afredriksson
Level 1
Level 1

Hi!

I get the exact same error using 5510 v8.0(3). Is there a solution to this problem?

Has anyone found further info about this?

I am in the same situation with a 5540 v8.0(3)

Ours does not have any class-maps defined (other than the _default_xxx - that you can't edit/disable anyway). I don't think I know what a 'fixup' is, so any enlightenment there would be appreciated.

Short fix is to disable inspection of RTSP. Fixup is telling the Pix/ASA to do deep packet inspection to see if the segments match the protocol-sequence.

If you're not familiar with the fixup-commands, but work with the GUI, you can go to "service policy rules" -> rule action -> protocol inspection and deselect RTSP.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: