Combating out of order packets

I am running a 450g box as a router and vpn box and it works great in most cases. I am having a big problem staying connected to vpn and rdp sessions when I traverse a Cisco ASA unit on our WAN though.

We haven’t gotten to the bottom of it yet, but the ASA buffers are maxed out dealing with out of order packets from the ISP side. As I mentioned, my 450g box is inside the WAN and must pass through the ASA for remote connections. Connections drop many times in a short few minutes, and especially with any amount of traffic. For instance, my vpn will stay up 10-20 minutes without disconnecting, until I attempt to view shares on the remote server.

I am not sure when we will figure out the problem, but wonder if there is anything I can add as a rule on the MikroTik box to deal with the situation and maintain my connections, despite the problem at the ASA??

Not if the ASA is discarding packets due to buffers being maxed out. You can’t turn off connection tracking on an ASA (and wouldn’t want to since that would render it useless). I wouldn’t call that an ASA problem, though - that’s a problem with the ISP. Why are you getting so many packets out of order? ASAs default to the highest possible queue size on an interface, and 5510s and up can buffer up to 2,048 packets on an interface, with 256 being on the TX ring. If you’re exceeding that something is seriously wrong.