Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

syn timeout while reaching a server

 

Hi Everyone,

 

I am trying to connect to a server.

Logs are below from ASA

May 01 2014 17:59:54: %ASA-6-302014: Teardown TCP connection 142620724 for X:172.31.23.107/60309 to Y:172.31.10.131/443 duration 0:00:30 bytes 0 SYN Timeout

May 01 2014 17:59:24: %ASA-6-302013: Built inbound TCP connection 142620724 for X:172.31.23.107/60309 (172.31.23.107/60309) to Y 172.31.10.131/443 (172.31.10.131/443)

 

 

I did packet capture on ASA

   1: 17:59:24.010390 172.31.23.107.60309 > 172.31.10.131.443: S 2877280643:2877280643(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>

   2: 17:59:27.006240 172.31.23.107.60309 > 172.31.10.131.443: S 2877280643:2877280643(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>

   3: 17:59:33.008544 172.31.23.107.60309 > 172.31.10.131.443: S 2877280643:2877280643(0) win 8192 <mss 1460,nop,nop,sackOK>

 

Need to confirm that as per above logs ASA has send 3 syn packets to servers and it did not receive any syn,ack from the server right?

Also nop,wscale 2,nop,nop,sackOK> means that ASA does not receive any syn from server right?

 

Regards

 

Mahesh

 

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Yes, that's right. 3 syn

Yes, that's right. 3 syn packets without an ack is the default for Windows to stop retrying.

The first one is sent, then 3 seconds later the second then 6 seconds later the third.

I find it's generally easier to export the packet captures into Wireshark to visualize the flows. If you run the capture using the ASDM wizard and setup your path to Wireshark in ASDM, you can just click to export and launch.

2 REPLIES
Hall of Fame Super Silver

Yes, that's right. 3 syn

Yes, that's right. 3 syn packets without an ack is the default for Windows to stop retrying.

The first one is sent, then 3 seconds later the second then 6 seconds later the third.

I find it's generally easier to export the packet captures into Wireshark to visualize the flows. If you run the capture using the ASDM wizard and setup your path to Wireshark in ASDM, you can just click to export and launch.

New Member

 Thanks MArvin seems i will

 

Thanks MArvin seems i will learn lot from your experience.

 

Regards

Mahesh

69
Views
0
Helpful
2
Replies
CreatePlease to create content