09-09-2014 03:38 PM - edited 03-11-2019 09:43 PM
Hi all:
We have a small office (15 users) protected by an ASA 5505 running 8.2(5). The problem we are having is downloading large files from to Office 365 (really SharePoint in MS cloud). They get interrupted and the connection is dropped.
I have looked into this and it seems the problem concerns the TCP Window scaling or autotuninglevel and its support by upstream routers from the user. If I open an elevated Command prompt on my machine and execute the following the large files download fine through the ASA
netsh int tcp set global autotuninglevel=disabled
Putting it back to the default setting again will cause the file to not download
netsh int tcp set global autotuninglevel=nomal.
Also if I swap out the ASA 5505 using a consumer router/FW I have no problems with the larger files.
Question, is there a way to activate windows scaling on the ASA which my consumer router/FW seems to support? Will upgrading to a higher software version of the ASA help? I am using 8.2(5)? I am hoping this is a fairly common problem but I can’t seem to find an easy solution online. Thanks so much -Bob
09-15-2014 05:43 PM
Hello;
I would defintely open a TAC case on this one. Updating the code on the firewall is not going to help.
Captures and other troubleshooting steps need to be performed.
Mike.
02-01-2015 07:36 PM
I have exactly the same problem on an ASA 5505 with 8.2(1). I believe it is a bug but not having a current contract prevents me from being able to upgrade the firewall. I found the following references to the problem and the workarounds do work but it should ideally be fixed on the firewall.
http://prowiki.isc.upenn.edu/wiki/TCP_tuning_for_broken_firewalls
http://serverfault.com/questions/337039/cisco-asa-5505-tcp-window-scaling-rfc1323
http://www.richweb.com/book/export/html/88 - TCP Window Scaling Problems with broken Firewalls
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide