Retransmission of packets on the gateway pcap but not on client pcap

Hello guys, This is a strange issue we are facing in which the client is able to access the server on port 80 but the resources hosted on the server works sometimes and does not work sometime. In the tcpdump pcap file catures on security gateway I see many retransmissions are there but on pcap file of client machine I do not see retransmissions.

The client is directly connected to the checkpoint direwall and Ipsec tunnel has been build netween the checkpoint and ASA firewall and behind ASA firewall the server is hosted.

Anyone faced this kind of issue? Could this be related to checkpoint or tunnel?

Thanks in advance!!

0 Kudos
2 Replies

Assuming you mean "directly connected" in a Layer 3 sense (i.e. same subnet).
Unless one end of the cable is the Check Point device and the other end is the server, there is something "in between." 😉
Reminds me of a problem I ran into when I was a TAC engineer years ago that we ultimately determined was in the switch configuration.
Not saying that's the case here, but you definitely need to rule that out.
0 Kudos

To see if the problem is tunnel related, set the MTU of the PC interface to 1400 and test again, or use TCPoptimizer to test the max MTU and use that to set it (Freeware).
If that resolves your problem, look at mss clamping.
Regards, Maarten