Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
281
Views
0
Helpful
1
Replies

PIX515 vers6.2(2) problem with mailguard disgarding packet

syves
Level 1
Level 1

‎11-17-2004 06:11 PM - edited ‎03-09-2019 09:29 AM

Dear All

I have a problem with my smtp connection through my PIX vers 6.2(2). I found that if an aknowledgement packet is lost before getting to the PIX the retransmission of the packet is not recognise.

Below is the debug fixup tcp result.

Any ideas why Mailguard is droping the retransmited packet.

REgards Yves

smtp_response: (MBEXCHNT1/25 -> MBSITS2K3/4674)

smtp_cmd: (MBEXCHNT1/25 <- MBSITS2K3/4674)

smtp_cmd: initial cmd = helo , enter reply mode

smtp_response: (MBEXCHNT1/25 -> MBSITS2K3/4674)

entering command mode

smtp_cmd: (MBEXCHNT1/25 <- MBSITS2K3/4674)

smtp_cmd: cmd = mail entering reply mode

smtp_response: (MBEXCHNT1/25 -> MBSITS2K3/4674)

entering command mode

smtp_cmd: (MBEXCHNT1/25 <- MBSITS2K3/4674)

smtp_cmd: cmd = rcpt entering reply mode

smtp_response: (MBEXCHNT1/25 -> MBSITS2K3/4674)

entering command mode

smtp_cmd: (MBEXCHNT1/25 <- MBSITS2K3/4674)

entering reply moded = data

smtp: DATA cmd, waiting for acceptance

smtp_response: (MBEXCHNT1/25 -> MBSITS2K3/4674)

entering command mode

begin mail

smtp_data: data transfer complete, awaiting reply

!**********************************

!the original 250 OK packet is lost the following

!entry is the retransmission packet for the "250 OK"

!acknowledgement of the end of the email

!************************************

tcpseq: rexmit packet seq=756258381, snd_next=756258389, window (756258381-756323639)

!***********************************

!Mailguard discard the 250 OK retransmission

!***********************************

smtp_response: (MBEXCHNT1/25 -> MBSITS2K3/4674)

discarding old reply

packet: <250?OK\r\n>

tcp: ERR: fixup on flags <1000> fails

Labels:
0 Helpful
1 Reply 1

scoclayton
Level 7
Level 7

‎11-17-2004 08:33 PM

I suspect you might be running into a side effect of a known issue - CSCeb33762.

Any chance you would consider an upgrade to 6.2(4) and try your test again? If this does not work, I would suggest getting a trace of the session from the outside interface on the PIX along with the corresponding 'deb fixup tcp' output and opening a service request with the experts in TAC.

Sorry I cannot offer more assistance.

Scott

0 Helpful
Customers Also Viewed These Support Documents