Cisco Support Community
Community Member

PIX + Win Size = 0

I have a web server behind my pix running 7.0(2) code. When a client attempts to connect it sends the following

1 sec - client - SYN

1 sec - PIX - SYN ACK Win size 0

1 sec - client - ACK

1 sec - Server - SYN ACK Win Size 24840

1 sec - client - ACK

3 sec - client - keep alive

9 sec - client - keep alive

14 sec - server - FIN ACK

14 sec - client HTTP GET

14 sec - client FIN ACK

14 sec - server RST

Why is my pix sending an ACK to the intitial client SYN with a Win size of 0 ??????????

Quite obviously... the client is not getting the page...

Community Member

Re: PIX + Win Size = 0

I have an idea... my embryonic limit was set to 20... could it be that?

Cisco Employee

Re: PIX + Win Size = 0

You might wanna see if "inspect http" is enabled on the PIX and if "Yes", please try removing it and check again. Issue should be resolved.

Note: If this does not fix the issue, please contact TAC.


Prashant Chauhan.

Community Member

Re: PIX + Win Size = 0

I was correct the embryonic limit was the 'issue'.... despite changing the limit to 100 and then unlimited I still got the issue... I had tried clear xlate to no avail... that is because clear xlate doesn't do anything in rev 7.0... you ahve to clear local host... once I changed the embryoninc limit and cleared local host it worked.

CreatePlease to create content