Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA5505 Error - %ASA-4-419002

Iam getting the below error message in ASA 5505.

%ASA-4-419002: Duplicate TCP SYN from outside:213.x.x.2/2660 to outside:213.x.x.152/445 with different initial sequence number

%ASA-4-419002: Duplicate TCP SYN from outside:213.x.x.152/3961 to outside:213.x.x.156/445 with different initial sequence number

Sometime my ASA outside interface goes down and iam not bale to ping outside interface from Internet. After I reboot the ASA it

comes up.

What could be the reason?

5 REPLIES
New Member

Re: ASA5505 Error - %ASA-4-419002

Are you seeing errors on the interface?

sh int

Also is there possible errors on the internet circuit? One other possible cause is high connections DoS attack

Post the interface stats and a copy of the sh conn count when this happens again.

New Member

Re: ASA5505 Error - %ASA-4-419002

I have seen output erros, collissions & defferred on both inside & outside interfaces.

Interface Ethernet0/0 "", is up, line protocol is up

Hardware is 88E6095, BW 100 Mbps

Auto-Duplex(Half-duplex), Auto-Speed(100 Mbps)

Available but not configured via nameif

MAC address 0019.0724.9edb, MTU not set

IP address unassigned

2223137 packets input, 1100823366 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

0 L2 decode drops

0 switch ingress policy drops

1924871 packets output, 300387287 bytes, 0 underruns

2659 output errors, 2212 collisions, 0 interface resets

0 babbles, 0 late collisions, 4246 deferred

0 lost carrier, 0 no carrier

0 rate limit drops

0 switch egress policy drops

Interface Ethernet0/1 "", is up, line protocol is up

Hardware is 88E6095, BW 100 Mbps

Auto-Duplex(Half-duplex), Auto-Speed(100 Mbps)

Available but not configured via nameif

MAC address 0019.0724.9edc, MTU not set

IP address unassigned

4697909 packets input, 804785167 bytes, 0 no buffer

Received 128491 broadcasts, 0 runts, 0 giants

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

0 L2 decode drops

184683611769 switch ingress policy drops

1965257 packets output, 1050829440 bytes, 0 underruns

3875 output errors, 2661 collisions, 0 interface resets

0 babbles, 0 late collisions, 5477 deferred

0 lost carrier, 0 no carrier

0 rate limit drops

0 switch egress policy drops

Re: ASA5505 Error - %ASA-4-419002

Hi .. according to Cisco Output Interpreter .. it does not seem to be any issues with the status of your interfaces. You might want to clear the counters (clear interface) however to be sure that those hits are not increasing drastically .. keep an eye of output errors and deferred, if they increase rapidly then you might be experiencing bandwidth overload or DoS type of attacks. You might want to report this to your ISP.

Interface - Ethernet0/0 (up/up)

INFO: There have been 4246 'deferred' packets on this interface.

The deferred counter counts the number of times the interface has tried to send

a frame, but found the carrier busy at the first attempt (Carrier Sense). This

does not constitute a problem, and is part of normal Ethernet operation.

Interface - Ethernet0/1 (up/up)

INFO: There have been 5477 'deferred' packets on this interface.

The deferred counter counts the number of times the interface has tried to send

a frame, but found the carrier busy at the first attempt (Carrier Sense). This

does not constitute a problem, and is part of normal Ethernet operation.

I hope it helps .. please rate it if does !!!

New Member

Re: ASA5505 Error - %ASA-4-419002

Your interfaces are taking errors. Probably duplex/speed mismatch. Hard code both ends and see if the performance improves.

New Member

Re: ASA5505 Error - %ASA-4-419002

Thanx for your valuable comments.

I will check with ISP and also try to hard code the interfaces & observe for the errors.

1360
Views
0
Helpful
5
Replies