Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
VarunTP
Participant
Jump to solution

Data received before SYN was acknowledged. Stripping all packet data

Data received before SYN was acknowledged. Stripping all packet data" . Since we have a cluster of 3 External firewall  and 2 internet ( Active / Passive ) . So where might be the asymmetric routing happen . between the 3 firewall cluster ?

 

Is there any solution ? I have see the drop is happening at " Inspection Setting - TCP SYN modified Retransmission " under the default profile . Currently its configured as drop , can we change to Accept ? whether that will create any security vulnerability ?

 

I changed the TCP SYN modified Retransmission from Drop to Accept , and user is able to access. This is only for a particular website which is hosted in a different site . Only issues for the users in VPN .

Traffic Flow :

User connected CP VPN -- >  there is a site to site tunnel to different location 

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

Rather than disable it entirely (i.e. make it Accept), you should set an Exception.
This can be done by right-clicking on the TCP SYN Modified Retransmission and selecting Exceptions.
You can then create a new exception to your specification:

image.png

View solution in original post

(1)
2 Replies
PhoneBoy
Admin
Admin

Rather than disable it entirely (i.e. make it Accept), you should set an Exception.
This can be done by right-clicking on the TCP SYN Modified Retransmission and selecting Exceptions.
You can then create a new exception to your specification:

image.png

(1)
VarunTP
Participant

Thanks a lot , This solution resolved one long pending issue. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    Wed 01 May 2024 @ 02:00 PM (EDT)

    South US: HTTPS Inspection Best Practices

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Wed 01 May 2024 @ 02:00 PM (EDT)

    South US: HTTPS Inspection Best Practices

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    CheckMates Events