Cisco ASA 0 SYN Timeout

The following solution was found here: http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807c35e7.shtml

I was having issues connecting to my load balancers and we seeing in the Cisco logs that the TCP connection was being built but then getting torn down with the following error:

Teardown TCP connection 90 for outside:172.22.1.1/80 to inside:192.168.1.50/1107 duration 0:00:30 bytes 0 SYN Timeout

The syslog message indicates the connection closed because the of SYN timeout. This tells the administrator that no application X server responses were received by the ASA. Syslog message termination reasons can vary.

The SYN timeout gets logged because of a forced connection termination after 30 seconds that occurs after the three-way handshake completion. This issue usually occurs if the server fails to respond to a connection request, and, in most cases, is not related to the configuration on PIX/ASA.

Sure enough my load balancers had an incorrect default gateway!

Advertisements

1 Comment

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s