Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

tcp dup packet on ASA

Hello,

today I am going to ask for an urgent help. The issue started with something and ended up into another. I have updated a firewall image from 8.2 to 8.4.5 and after that the traffic (http, ftp, pop3) was not passing through CSC for the clients behind the ASA. So we are asked from Cisco TAC to upgrade the CSC version 6.3 to 6.6 (reimage and with 6.6 hotfix). But it didn't solve the problem. Later on from global policy we remove the rule to pass through CSC and unfortunately the problem isn't solved and additionally we are not able to connect with ASDM but ssh was working to connect on ASA.

What I found until now that that there is a lot of tcp dup packet drop. I have done the packet capture on both direction (in and out) and see there is very less packet comes in and no payload. anyway I have attached those files.

One important thing to tell I have already shutdown the CSC module and now the traffic goes from client->proxy->ASA->router->internet. I have seen the packet on the router and there is no issue on internet or the router. Because there is no packet drop on icmp and there is no special rule on the router except NAT.

I would appreciate for any further suggestion.

thanks

Pial

2 REPLIES
New Member

tcp dup packet on ASA

Hey Pial

Downgraed your image to 8.2 . And then Upgraed it to 8.3 and then to 8.4 .

Hope this helps you.

Thanks

Vishaw

New Member

tcp dup packet on ASA

Hello Vishaw,

thanks for your answer. I downgraded the ASA to 8.2 and it didn't solve the issue. Later on I have found the switch between router and firewall makes that issue. After removing the switch everything works fine again except the traffic is passing through CSC module. We will do that test on next week. Because that it is a remote location where the problem appear and the people don't want any test further until this week.

anyway thanks for your answer.

Pial

167
Views
0
Helpful
2
Replies