This is our old Q&A Site. Please post any new questions and answers at

I am getting troubled by what seems to be a peculiar problem. we have a situation wherein we are trying to access an application over VPN but for some users its failing. VPN terminates on the FW, while client is on the inside. In the traces what I am seeing is that packets are out-of-order but Wireshark is not mentioning it. There is no packet loss just that packets are not arriving in order, there are no dup acks either.

What is strange is that on the ASA's inside interface I am seeing the ACK for the packets from the client which server hasnt even sent yet. I see those packets in the next frame. But I cant get my head around how I am seeing ACK even before the packets are seen on the interface. This could be something really silly but I just cant get my head around it.

asked 17 Jun '17, 04:45

Ravneet's gravatar image

accept rate: 0%

I don't know how you're actually capturing, but it's not unheard of that a monitor port can't always keep the temporal order of packet traversing the various interfaces intact.

permanent link

answered 17 Jun '17, 06:00

Jaap's gravatar image

Jaap ♦
accept rate: 14%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 17 Jun '17, 04:45

question was seen: 1,485 times

last updated: 17 Jun '17, 06:00

p​o​w​e​r​e​d by O​S​Q​A