Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
733
Views
0
Helpful
2
Replies

syn timeout while reaching a server

Go to solution
mahesh18
Level 6
Level 6

‎05-02-2014 07:37 AM - edited ‎03-11-2019 09:09 PM

 

Hi Everyone,

 

I am trying to connect to a server.

Logs are below from ASA

May 01 2014 17:59:54: %ASA-6-302014: Teardown TCP connection 142620724 for X:172.31.23.107/60309 to Y:172.31.10.131/443 duration 0:00:30 bytes 0 SYN Timeout

May 01 2014 17:59:24: %ASA-6-302013: Built inbound TCP connection 142620724 for X:172.31.23.107/60309 (172.31.23.107/60309) to Y 172.31.10.131/443 (172.31.10.131/443)

 

 

I did packet capture on ASA

   1: 17:59:24.010390 172.31.23.107.60309 > 172.31.10.131.443: S 2877280643:2877280643(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>

   2: 17:59:27.006240 172.31.23.107.60309 > 172.31.10.131.443: S 2877280643:2877280643(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>

   3: 17:59:33.008544 172.31.23.107.60309 > 172.31.10.131.443: S 2877280643:2877280643(0) win 8192 <mss 1460,nop,nop,sackOK>

 

Need to confirm that as per above logs ASA has send 3 syn packets to servers and it did not receive any syn,ack from the server right?

Also nop,wscale 2,nop,nop,sackOK> means that ASA does not receive any syn from server right?

 

Regards

 

Mahesh

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-02-2014 08:50 AM

Yes, that's right. 3 syn packets without an ack is the default for Windows to stop retrying.

The first one is sent, then 3 seconds later the second then 6 seconds later the third.

I find it's generally easier to export the packet captures into Wireshark to visualize the flows. If you run the capture using the ASDM wizard and setup your path to Wireshark in ASDM, you can just click to export and launch.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-02-2014 08:50 AM

Yes, that's right. 3 syn packets without an ack is the default for Windows to stop retrying.

The first one is sent, then 3 seconds later the second then 6 seconds later the third.

I find it's generally easier to export the packet captures into Wireshark to visualize the flows. If you run the capture using the ASDM wizard and setup your path to Wireshark in ASDM, you can just click to export and launch.

0 Helpful

Go to solution
mahesh18
Level 6
Level 6
In response to Marvin Rhoads

‎05-02-2014 09:37 AM

 

Thanks MArvin seems i will learn lot from your experience.

 

Regards

Mahesh

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card