I have a ticket open with TAC for 28 days now with no resolution in sight so I'm looking for help!!! With the FWSM in place the Norton Ghost image transfer gets to 25% of an 80 MB file and fails. With the FWSM removed, the transfer completes correctly. The configuration of the FWSM is very simple for testing:
NAT 0 access-list for all traffic inbound and outbound to the FWSM.
access-list open extended permit ip any any
From the sniffer traces right before the failure I see the Ghost server doing a resend four times, the client gets the resends but won't ACK the packet. Then the FWSM sends four RST which the client never gets.
Previous FWSM version was 2.2(1)9 but I upgraded today to 2.2(1)17 in hopes of resolving this. I have sent a note to my Engineers to test and will if they are in the office this week I will know shortly.
Any help is greatly appreciated as I'm not hopeful that Cisco will solve this. Longest open case and worse handling I've ever had in my four plus year history with Cisco!!! Normally they do a great job.
so if the sniffer traces shows that client sees a packet 4 times but wont ACK, isnt it an issue with client? have you tried "no random sequence"
nat local_interface nat_id local_ip [mask [dns] [outside] [[tcp] tcp_max_conns [emb_limit] [norandomseq]]] [udp udp_max_conns]
have you tried using static instead of nat0?
i found this bug (may not be related)
try 2.3 latest engineering build
We are currently experiencing the same issue with norton ghost and our fswm, we have upgraded to 2.3(2) and the problems continues. Have you received any insight or fix for Cisco for this issue?