Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Explorer

TCP Packet out of state, First Packet is not syn

Hi,

Can somebody explain me, i am getting this error in tracker. not getting proper reply from tech team.

 

 TCP Packet out of stat     First Packet is not syn

TCP Flag                              PUSH-ACK

 

 

0 Kudos
2 Replies
Admin
Admin

Generally, we expect to see the full three-way handshake of a TCP connection.
If, for some reason, we don't see the full handshake, then you might see this error.
Some of the reasons you might see this are explained in this SK: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
Unless there are actual connectivity or application issues observed, these can safely be ignored.
0 Kudos
Highlighted
Champion
Champion

Please see my response in this thread:

https://community.checkpoint.com/t5/General-Topics/First-packet-isn-t-SYN/m-p/7021

Whether you should do anything about it depends upon what TCP flags you see reported in the dropped packet.  In your case of ACK accompanied by PSH, that would generally indicate that the connection was idled out of the firewall's state table due to inactivity (60 minutes default idle timer).

 

R80.40 addendum for book "Max Power 2020" now available
for free download at http://www.maxpowerfirewalls.com
0 Kudos