Document ID: 71602
Updated: Oct 13, 2008
Contents
Introduction
The Microsoft Windows Vista Operating System (OS) enables the TCP Window Scaling option by default (previous Windows OSes had this option disabled). This causes problems with old Cisco PIX software. This document describes the problem and presents the solution to this issue.
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
This document is not restricted to specific software and hardware versions.
Conventions
Refer to Cisco Technical Tips Conventions for more information on document conventions.
Problem
The Microsoft Windows Vista OS enables the TCP Window Scaling option by
default (previous Windows OSes had this option disabled). The TCP Window
Scaling option is described in
RFC
1323
(TCP Extensions for High Performance), and allows for the device to
advertise a receive window larger than 65 K than TCP originally specified. This
is useful in the higher speed networks of today, where more data can be
outstanding on the wire before it is acknowledged. This slow performance, or
dropped TCP connections is caused by some versions of PIX software not
supporting the TCP Window Scaling option. This causes it to have a much smaller
TCP window than the endpoints actually have. This causes the Cisco PIX to drop
packets that it believes are outside the TCP window, but which really are not.
You experience this problem with older Cisco PIX software.
Solution
Upgrade the Cisco PIX Security Appliance to a version that supports the TCP Window Scaling option.
The supported versions are:
-
All versions of 7.x
-
6.3(1) or later
-
6.2(3) or later
-
6.1(5) or later
Related Information
Open a Support Case 
(Requires a Cisco Service Contract.)
Related Cisco Support Community Discussions
The Cisco Support Community is a forum for you to ask and answer questions, share suggestions, and collaborate with your peers.
Refer to Cisco Technical Tips Conventions for information on conventions used in this document.