This is a static archive of our old Q&A Site. Please post any new questions and answers at

Ack before even a packet is recevied.


I am getting troubled by what seems to be a peculiar problem. we have a situation wherein we are trying to access an application over VPN but for some users its failing. VPN terminates on the FW, while client is on the inside. In the traces what I am seeing is that packets are out-of-order but Wireshark is not mentioning it. There is no packet loss just that packets are not arriving in order, there are no dup acks either.

What is strange is that on the ASA's inside interface I am seeing the ACK for the packets from the client which server hasnt even sent yet. I see those packets in the next frame. But I cant get my head around how I am seeing ACK even before the packets are seen on the interface. This could be something really silly but I just cant get my head around it.

asked 17 Jun '17, 04:45

Ravneet's gravatar image

accept rate: 0%

One Answer:


I don't know how you're actually capturing, but it's not unheard of that a monitor port can't always keep the temporal order of packet traversing the various interfaces intact.

answered 17 Jun '17, 06:00

Jaap's gravatar image

Jaap ♦
accept rate: 14%