01-28-2008 04:13 PM - edited 03-11-2019 04:54 AM
Hi,
I'm troubleshooting a connection problem between a client (inside) and a server (outside). The client (139.96.216.21) starting the TCP session to the destination (121.42.244.12). Please have a look at attachement... What does the TCP FINs mean at the end and why is there a FIN Timeout at the end.... Thanks in advance, André
Solved! Go to Solution.
01-29-2008 12:08 PM
It is very well possible app related timeout-responce issue, I do not believe it is firewall related as firewall is doint what is suppose to do when the TCP handchake is not fully completed thus closing the connection.
Rgds
Jorge
01-28-2008 04:54 PM
Hi Andre, this simply indicates the tcp three way hand chacke process did not complete in other words the wait time for a sync packet exceeded the 30 seconds forcing to terminate the connection by timeout.
I believe this could be caused by congestion-latency somewhere along the path causing retransmission between source and destination, or even latency at the destination server.. Im sure others may provide more insight.
Is this happening with a single destination client or several.
See message 302014
http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html
Rgds
Jorge
01-28-2008 05:28 PM
Hi Jorge, this happens only to this client which is within the subnet 139.96.216.0/24 and also located inside the firewall. Other clients, which are located in other countries but with them same setup (Firewall in front of the WAN connection), doesn't have this problem. I don't think that the problem is caused by congestion-latency, because the response time is ok (less then 100ms).
C:\Documents and Settings\rc3all>ping 121.42.244.12
Pinging 121.42.244.12 with 32 bytes of data:
Reply from 121.42.244.12: bytes=32 time=37ms TTL=121
Reply from 121.42.244.12: bytes=32 time=37ms TTL=121
Reply from 121.42.244.12: bytes=32 time=37ms TTL=121
Reply from 121.42.244.12: bytes=32 time=37ms TTL=121
Ping statistics for 121.42.244.12:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 37ms, Maximum = 37ms, Average = 37ms
I only wanted to be sure that the TCP FIN timeout is not related to the firewall. I think this is because of the application which seems to be not responding!?
01-29-2008 12:08 PM
It is very well possible app related timeout-responce issue, I do not believe it is firewall related as firewall is doint what is suppose to do when the TCP handchake is not fully completed thus closing the connection.
Rgds
Jorge
07-15-2014 12:23 AM
Hi,
http://www.tcpipguide.com/free/t_TCPConnectionTermination-2.htm
Pls refer this URL.Nice Explanation for TCP FIN ACK and connection termination process.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide