I have wireshark running on a span port monitoring my ASA outside interface. I put a filter on a certain hosts public IP. Wireshark is reporting tons of TCP retransmissions, a couple of TCP Window Full, even more TCP Zero Window, TCP fast transmissions. I know these have to do with the buffers getting full. I was wondering can I point at the interface on the firewall for these or the server? Any help is appreciated.