Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1261
Views
10
Helpful
4
Replies

Firewall capture

Go to solution
Visauk47
Level 1
Level 1

‎09-01-2019 08:34 PM

Hi All,

 

Just want to know, whats the following firewall capture means ? 

 

 

win2300 <mss 1460,nop,wscale0,nop,nop,sackok)

 

Regards,

Vishal

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Dinesh Moudgil
Cisco Employee
Cisco Employee
In response to Visauk47

‎09-03-2019 05:14 PM

Vishal,

 

These are general networking terms and fundamentals, not just specific to ASA.
https://www.iana.org/assignments/tcp-parameters/tcp-parameters.xhtml#tcp-parameters-1

 

Regards,

Dinesh Moudgil

 

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/

View solution in original post

4 Replies 4

Go to solution
Dinesh Moudgil
Cisco Employee
Cisco Employee

‎09-01-2019 09:01 PM - edited ‎09-01-2019 09:02 PM

Hi Vishal,


This represents a SYN packet. In a normal 3 way handshake, you would see the following messages:

 

134: 21:28:12.577637 173.39.68.116.56946 > 10.106.71.184.4443: S 1267690439:1267690439(0) win 65535 <mss 1380,nop,wscale 6,nop,nop,timestamp 1215630636 0,sackOK,eol>
135: 21:28:12.577805 10.106.71.184.4443 > 173.39.68.116.56946: S 1135917460:1135917460(0) ack 1267690440 win 32768 <mss 1380,nop,nop,timestamp 4398415 1215630636>
138: 21:28:12.580322 173.39.68.116.56946 > 10.106.71.184.4443: . ack 1135917461 win 65535 <nop,nop,timestamp 1215630638 4398415>

 

Regards,

Dinesh Moudgil

 

P.S. Please rate helpful posts.

 

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/

Go to solution
Visauk47
Level 1
Level 1
In response to Dinesh Moudgil

‎09-03-2019 12:54 PM

Hi Dinesh, 

 

Thank you for the reply. 

 

Could you please confirm, what does mss, nop,wscale sackok means ?

 

Regards,

Vishal

 

0 Helpful

Go to solution
Dinesh Moudgil
Cisco Employee
Cisco Employee
In response to Visauk47

‎09-03-2019 05:14 PM

Vishal,

 

These are general networking terms and fundamentals, not just specific to ASA.
https://www.iana.org/assignments/tcp-parameters/tcp-parameters.xhtml#tcp-parameters-1

 

Regards,

Dinesh Moudgil

 

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/

Go to solution
Visauk47
Level 1
Level 1
In response to Visauk47

‎09-03-2019 06:05 PM

Thanks Dinesh. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card