cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5871
Views
0
Helpful
21
Replies

Many TCP retransmissions on Cisco ASA Log to a specific website.

rbarreto_p
Level 1
Level 1

Hi everyone. 

I am stuck on a problem for several days and could not solve it so far. When I try to access a specific website, a timeout error occurs on browser. Tried to open wireshark to analyze the packet and could see many TCP retransmissions. It happens on Ciso ASA Capture as well.

The IP address of the website appears on Top 10 Protected Servers under SYN Attack on ASA Firewall Dashboard. (I do not know why, because it is a corporate website hosted outside our LAN).

I am able to open the website from everywhere, except from the company LAN. We have already checked proxy settings, DNS and everything looks fine.

Also we are able to open the website through browser with no problems, but the problem happens a few seconds later.

Attached a wireshark capture from internal host to the web site.

Thanks in advance.

21 Replies 21

I already did that and could open the website with no problems. That is really strange indeed!

Thank you.

As I said, this doesn't look ASA issue, However, could you please open a TAC case if want this to be investigated further.

You can try tcp statte bypass for this particular connection and see if that helps.

OK, Pranay.

Thank you for your assistance. 

Regards.

I have created  TCP state bypass only for the specific website IP address but the problem was not solved. I will try to open a TAC case. 

Thanks. 

So when I connect the link back to the ASA I cannot access the website again from the internal hosts. The problem is the same as before. When the link is  connected directly to my laptop, I can access the website. .

Thank you.

Farhan Mohamed
Cisco Employee
Cisco Employee

Really strange...Can you plug ISP EMBRATEL directly in a laptop with same IP as currently assigned to ASA  and try to access this specific website. I am still not sure if ASA is the problem. 

Hi Farhan. I did exactly what you said and was able to access the website. When I connect the same link to ASA, cannot access the website again. (SYN timeout).

Regards.

Review Cisco Networking for a $25 gift card