I am getting troubled by what seems to be a peculiar problem. we have a situation wherein we are trying to access an application over VPN but for some users its failing. VPN terminates on the FW, while client is on the inside. In the traces what I am seeing is that packets are out-of-order but Wireshark is not mentioning it. There is no packet loss just that packets are not arriving in order, there are no dup acks either.
What is strange is that on the ASA's inside interface I am seeing the ACK for the packets from the client which server hasnt even sent yet. I see those packets in the next frame. But I cant get my head around how I am seeing ACK even before the packets are seen on the interface. This could be something really silly but I just cant get my head around it.
asked 17 Jun '17, 04:45
I don't know how you're actually capturing, but it's not unheard of that a monitor port can't always keep the temporal order of packet traversing the various interfaces intact.
answered 17 Jun '17, 06:00