Preview Tool

Cisco Bug: CSCtc69845 - Unexpected ACK is sent from ASA during multiple retransmission

Last Modified

Nov 08, 2016

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases


Description (partial)


In case of Smart Tunnel WebVPN, ASA is an end point of WebVPN tunnel
and the initiator of TCP connection with the target server.

On the side of non-WebVPN TCP connection,
and when ASA can't receive any acknowledge packets from server,
ASA repeatedly sends not only retransmitting packet
but unexpected ACK which has strange sequence/acknowledge number,
which is minus 1 of the one of retransmitting packet.

This unexpected ACK is sent from ASA every minute
until the connection is closed.


This problem is found while ASA retransmits decrypted GET packets from Smart Tunnel client.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.