Support Center > Search Results > SecureKnowledge Details
"Smart Connection Reuse" feature modifies some SYN packets
Symptoms
  • "SYN packet on established connection‎" log in SmartView Tracker.

  • FW Monitor shows that Security Gateway modifies a TCP [SYN] packet to a TCP [ACK] packet - between Pre-Inbound (small "i") and Post-Inbound (capital "I").

Cause

This behavior is caused by a feature that has been introduced in NG with AI R54, called "Smart Connection Reuse" that solves the connectivity problems related to the TCP [SYN] packet on established connection. These problems are caused by a connection-reuse attempt.

Background:

Connection reuse can happen when the state of connection in the Security Gateway's Connections table (id 8158) does not match the actual connection state known to the Client and Server. As a result, attempts to establish a new connection using the same source IP address, source port, destination IP address, and destination port fail. This can happen in one of the two following cases:

  • The connection was not closed by the Client or Server
  • The connection was closed by the Client by sending a TCP [RST] packet that did not reach the Security Gateway

Solution
Note: To view this solution you need to Sign In .