
OPERATIONAL DEFECT DATABASE
Active TCP connections are disconnected exactly at the default TCP timeout of 1 hour, even though traffic is passing through them. The logs show "SYN Timeout" as the teardown reason even for established connections:

Aug 13 2021 14:28:15: %FTD-6-302014: Teardown TCP connection 1823 for INSIDE:192.0.2.50/56154 to OUTSIDE:198.51.100.2/22 duration 1:00:01 bytes 6500 SYN Timeout

One or more of the following conditions must match:
- An SSL policy with 1 or more decryption rules.
- TLS Server Identity Discovery/Early application detection and URL categorization is enabled in the Advanced section of the access control policy.
- An identity policy with active authentication using captive portal.

1. Configure a Pre-Filter Rule that matches the traffic with the Fastpath action, or disable the SSL rules. For VPN traffic, check "Bypass Access Control policy for decrypted traffic (sysopt permit-vpn)" under the "Access Interfaces" tab of the Remote Access VPN policy.
2. Disable Early application detection under the Advanced section of the access control policy.
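
A log check for the symptom described above, added here as an example and not taken from Cisco or from the defect record: it flags 302014 teardowns whose reason is SYN Timeout although bytes were transferred and the duration sits at the 1-hour timeout. The function name, the 5-second slack, and the second and third sample lines are assumptions constructed for illustration.

```python
import re
from datetime import timedelta

# Sample input: the first line is the one quoted in the defect record;
# the other two are constructed to show teardowns that must NOT be flagged.
SAMPLE = """\
Aug 13 2021 14:28:15: %FTD-6-302014: Teardown TCP connection 1823 for INSIDE:192.0.2.50/56154 to OUTSIDE:198.51.100.2/22 duration 1:00:01 bytes 6500 SYN Timeout
Aug 13 2021 14:30:02: %FTD-6-302014: Teardown TCP connection 1901 for INSIDE:192.0.2.51/40112 to OUTSIDE:198.51.100.9/443 duration 0:00:30 bytes 0 SYN Timeout
Aug 13 2021 14:31:40: %FTD-6-302014: Teardown TCP connection 1877 for INSIDE:192.0.2.52/51000 to OUTSIDE:198.51.100.2/22 duration 0:12:44 bytes 88231 TCP FINs
"""

TEARDOWN = re.compile(
    r"%FTD-6-302014: Teardown TCP connection (?P<id>\d+) for "
    r"(?P<src>\S+) to (?P<dst>\S+) "
    r"duration (?P<h>\d+):(?P<m>\d\d):(?P<s>\d\d) "
    r"bytes (?P<bytes>\d+) (?P<reason>.+?)\s*$"
)

def find_suspect_teardowns(lines, timeout=timedelta(hours=1),
                           slack=timedelta(seconds=5)):
    """Return teardowns matching the defect signature.

    A hit needs all three: reason "SYN Timeout", a non-zero byte count
    (so the connection was established, not half-open), and a duration
    within `slack` of the configured connection timeout (1 hour by
    default; pass another value if the timeout was changed).
    """
    hits = []
    for line in lines:
        m = TEARDOWN.search(line)
        if not m:
            continue  # not a 302014 TCP teardown
        duration = timedelta(hours=int(m["h"]), minutes=int(m["m"]),
                             seconds=int(m["s"]))
        if (m["reason"] == "SYN Timeout"
                and int(m["bytes"]) > 0
                and timeout <= duration <= timeout + slack):
            hits.append({"conn_id": m["id"], "src": m["src"],
                         "dst": m["dst"], "bytes": int(m["bytes"]),
                         "duration": duration})
    return hits

if __name__ == "__main__":
    for hit in find_suspect_teardowns(SAMPLE.splitlines()):
        print(hit)
```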