Re: ASA 5510 v8.02 Reassembly limit of 8192 exceeded

htacisocnet · ‎09-20-2007

When viewing a video using port 554 from inside to a server in the DMZ, I get this error. If you view from the outisde, it works fine. Below is the full syslog meesage. Any suggestions?

4 Sep 20 2007 15:48:24 507001 192.168.10.10 DMZ-WEB-SERVER Terminating TCP-Proxy connection from Inside:192.168.10.10/1879 to DMZ:DMZ-WEB-SERVER/554 - reassembly limit of 8192 bytes exceeded

tstanik · ‎09-26-2007

This message is displayed when reassembly buffer limit is exceeded during assembling TCP segments. This usually happens due to an inspection engine (or fixup) trying to reassemble a segment for deeper inspection (instead of forwarding the packets to the destination host). If you have configured any class map to have any tcp traffic using ports 11000-65535 inspected by the h323 and h225 fixups, try disabling it.

afredriksson · ‎01-11-2008

Hi!

I get the exact same error using 5510 v8.0(3). Is there a solution to this problem?

mikeahrens · ‎02-07-2008

Has anyone found further info about this?

I am in the same situation with a 5540 v8.0(3)

Ours does not have any class-maps defined (other than the _default_xxx - that you can't edit/disable anyway). I don't think I know what a 'fixup' is, so any enlightenment there would be appreciated.

its-system · ‎05-08-2009

Short fix is to disable inspection of RTSP. Fixup is telling the Pix/ASA to do deep packet inspection to see if the segments match the protocol-sequence.

If you're not familiar with the fixup-commands, but work with the GUI, you can go to "service policy rules" -> rule action -> protocol inspection and deselect RTSP.