Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
520
Views
0
Helpful
2
Replies

Out-of-order and DUPs outside of FWSM

dustin.black
Level 1
Level 1

‎12-06-2007 05:52 PM - edited ‎03-11-2019 04:40 AM

I have a Java application over SSL that is not performing well outside of our FWSM, and in fact hanging completely in many situations. When I run the application inside the FWSM with Wireshark scanning the traffic, everything looks hunky-dory. Running the same app and scan outside the FWSM shows a very large number of TCP Out-of-order, Previous segment lost, and Dup ACK messages.

Any ideas?

Labels:
0 Helpful
2 Replies 2

amritpatek
Level 6
Level 6

‎12-13-2007 02:49 PM

This usually happens when the FWSM is working in multi context mode and the incoming and outgoing interfaces for the traffic belong to different context. This happens because the FWSM has to internally loopback the traffic and thus this impacts the performance of the device.

0 Helpful

dustin.black
Level 1
Level 1
In response to amritpatek

‎12-13-2007 03:00 PM

One FWSM context in this configuration, so that can't be it...

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card