Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

What does TCP FINs mean at the end of the log

Hi,

I'm troubleshooting a connection problem between a client (inside) and a server (outside). The client (139.96.216.21) starting the TCP session to the destination (121.42.244.12). Please have a look at attachement... What does the TCP FINs mean at the end and why is there a FIN Timeout at the end.... Thanks in advance, André

1 ACCEPTED SOLUTION

Accepted Solutions

Re: What does TCP FINs mean at the end of the log

It is very well possible app related timeout-responce issue, I do not believe it is firewall related as firewall is doint what is suppose to do when the TCP handchake is not fully completed thus closing the connection.

Rgds

Jorge

4 REPLIES

Re: What does TCP FINs mean at the end of the log

Hi Andre, this simply indicates the tcp three way hand chacke process did not complete in other words the wait time for a sync packet exceeded the 30 seconds forcing to terminate the connection by timeout.

I believe this could be caused by congestion-latency somewhere along the path causing retransmission between source and destination, or even latency at the destination server.. Im sure others may provide more insight.

Is this happening with a single destination client or several.

See message 302014

http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html

Rgds

Jorge

New Member

Re: What does TCP FINs mean at the end of the log

Hi Jorge, this happens only to this client which is within the subnet 139.96.216.0/24 and also located inside the firewall. Other clients, which are located in other countries but with them same setup (Firewall in front of the WAN connection), doesn't have this problem. I don't think that the problem is caused by congestion-latency, because the response time is ok (less then 100ms).

C:\Documents and Settings\rc3all>ping 121.42.244.12

Pinging 121.42.244.12 with 32 bytes of data:

Reply from 121.42.244.12: bytes=32 time=37ms TTL=121

Reply from 121.42.244.12: bytes=32 time=37ms TTL=121

Reply from 121.42.244.12: bytes=32 time=37ms TTL=121

Reply from 121.42.244.12: bytes=32 time=37ms TTL=121

Ping statistics for 121.42.244.12:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 37ms, Maximum = 37ms, Average = 37ms

I only wanted to be sure that the TCP FIN timeout is not related to the firewall. I think this is because of the application which seems to be not responding!?

Re: What does TCP FINs mean at the end of the log

It is very well possible app related timeout-responce issue, I do not believe it is firewall related as firewall is doint what is suppose to do when the TCP handchake is not fully completed thus closing the connection.

Rgds

Jorge

New Member

 Hi, http://www.tcpipguide

 

Hi,

 

http://www.tcpipguide.com/free/t_TCPConnectionTermination-2.htm

Pls refer this URL.Nice Explanation for TCP FIN ACK and connection termination process.

19339
Views
0
Helpful
4
Replies