-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Joe - Maybe the middlebox along the path doesn't like tcp window scale parameter being changed in the midway due to dropped tcp connections or something. Could be specific to microsoft server. What does your pix logs show? Have you tried turning off 'tcp window scale' option on your windows server? I believe this is enabled by default[0]. See if you can test this. I've ran into similar problems using pix/nokia fw. Hopefully this helps and you might want to bounce (do not crosspost :)) this thread off cisco-nsp. regards, /virendra [0] http://support.microsoft.com/kb/934430 Jo¢ wrote:
Greetings all
I have a customer running with a Cisco 5500 series firewall. What were seeing (as a problem) is that there is a bit being flipped by the firewall in the packet header. The bit in question is the Congession Window Reduced or CWR bit. Under heavy load the target server is getting this bit as high and since (I am guessing) its that way dropping the session yet its not near capacity. It?s a Microsoft server as well. Not that I am knocking that but. Under the same situation a Linux/Apache server doesn't seem to care, and goes about its business. Anyone heard of this? I did searches regarding this but found (as per usual) tons of usless info. I'm not sure why the packets are being changed by the ASA. I know there not hitting the firewall this way (Packet capture) but they are getting changed. Config mishap? Is the ASA throttling down stuff, and if so why not at the requesting party?
Dunno. Completely baffled. Thanks In Advance!
-Joe
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJ+e6DpbZvCIJx1bcRAiYcAKDsGJd2H4QNSB7Leqqc5LwX8Bu78ACgo43T j6t3fKOELjTbgkP0qhBzzwg= =krtL -----END PGP SIGNATURE-----