Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1282
Views
15
Helpful
7
Replies

Host never recieves SynAck

CiscoBrownBelt
Level 6
Level 6

‎08-31-2020 03:04 PM - edited ‎08-31-2020 03:20 PM

So capture on host side shows Syn got out to server on my side. Capture on my ASA shows server receive the SYN and keeps retransmitting with a SYN/ACK until connection is reset. At least SYN packet makes it to our server so I suspect possible a route issue somewhere between us to send the SYN/ACK or traffic back? Perhaps load balancer causing issue? Thoughts? Pinging or traceroute not possible due to restrictions. 

Labels:
0 Helpful
7 Replies 7

Georg Pauwen
VIP
VIP

‎09-01-2020 12:17 AM

Hello,

 

who (what device, what OS) is the host ?

CiscoBrownBelt
Level 6
Level 6
In response to Georg Pauwen

‎09-01-2020 06:28 AM

I don't know, it is possible a Windows 10 thin client. Shouldn't it at least receive it if the network path if good?

0 Helpful

Georg Pauwen
VIP
VIP
In response to CiscoBrownBelt

‎09-01-2020 07:22 AM

What is your server running ? I have been looking around, turning off and/or TCP window scaling and TCP timestamps on your server could be a solution...

0 Helpful

paul driver
VIP
VIP

‎09-01-2020 01:18 AM

Hello

What service(s) is that host running, can you try to establish a connection on it application service port?
telnet x.x.x.x <port>


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

CiscoBrownBelt
Level 6
Level 6
In response to paul driver

‎09-01-2020 06:30 AM

I don't know. Telnet or SSH is not going to be allowed out through the WAN. If the network path if good, shouldn't the SYN/ACK traffic make it to the host? Just trying to understand what you are thinking?

0 Helpful

paul driver
VIP
VIP
In response to CiscoBrownBelt

‎09-01-2020 12:48 PM - edited ‎09-01-2020 12:52 PM

Hello

Telnet on its default port maybe denied but you can use it to open up a different port -ie  the application port you have running on that host I assume you must be able to test what you want to access?

Is the fw allowing the service ports you want to access that host with?

Also turn off any software firewall that win10k host maybe be running and test again. 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

CiscoBrownBelt
Level 6
Level 6
In response to paul driver

‎09-01-2020 01:09 PM

I can see, not sure if user with host is able to do that.  If the network path if good, shouldn't the SYN/ACK traffic make it to the host?

0 Helpful
Top