Hello,

I've been observing this behavior for a while.

When TCP client (web browser) within the guest OS connecting to an outside server (web server) and the firewall within guest OS starts blocking packets after the TCP connection is established, after some time the VMware Workstation starts issuing TCP packets with ACK+PSH+FIN on behalf of the outside server. The packets are issued every 100 milliseconds and it never stops (for at least several days). In VMware Workstation 9 and earlier it was going on for about 30 sec then stopped. In Workstation 11 it just keeps going. The Suspend-Resume or Reboot of the guest OS has no effect. The disconnect-reconnect to guest OS of the network has no effect. Only reboot of the host OS helps. It was observed for Win 7 x64 as a host OS and both Win XP x86 and Win7 x86 as a guest OS. I would guess that when a TCP client process is forcefully terminated, it may also cause the TCP connection not being closed by the client gracefully and result in the same behavior from VMware Workstation.

My guess is that it may be related to statefull TCP processing by Workstation. So when TCP state machine times out, it tries to gracefully terminate the connection it thinks still exists.

Is there Workstation setting that can limit the number of attempts for such graceful TCP termination or a time limit on it?