08-12-2008, 03:41 AM   #1
gingnang
Junior Member
Join Date: Aug 2008
Posts: 1

ASA log 106015

Hi all,

Thanks for taking the time to read my post!

I use ASA5510 version 8.0(3).

My question is:

Does the ASA forward an RST-flagged packet to the other peer if the ASA receives an RST-flagged packet from one peer?
The 2 peers are on different interfaces in this case.

I sometimes get log 106015 like below.

22 May 21 2008 14:xx:xx 106015 Deny TCP (no connection) from 10.10.xx.xx/20638 to 10.1.xx.xx/yyy flags ACK on interface outside

This log explains that there is no connection entry for this packet, so it gets dropped.

I am pretty sure that 10.10.xx.xx sent an RST-flagged packet for some reason and the ASA tore down the connection entry from the conn table.

When the ASA deletes the entry from the conn table, does the ASA send an RST-flagged packet to the remote end?

It seems like 10.1.xx.xx does not know that the connection is deleted and keeps sending packets, which results in a bunch of that log.

Thanks,

Gingnang
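An added example, not part of the original post: a Python script that groups 106015 denies by flow and attaches the reason from an earlier 302014 "Teardown TCP connection" message for the same flow, which shows whether a reset preceded the denies. The 302014 line layout is assumed from ASA syslog output, and every sample line, address, port and connection id is constructed for illustration.

```python
import re

# The patterns match the message body, so the prefix may be the log-viewer
# columns shown in the post or the "%ASA-6-" syslog tag.
DENY = re.compile(
    r"106015\S*\s+Deny TCP \(no connection\) from ([^/\s]+)/(\d+) "
    r"to ([^/\s]+)/(\d+) flags (.+?)\s+on interface (\S+)")
TEARDOWN = re.compile(  # assumed 302014 layout, not taken from the post
    r"302014\S*\s+Teardown TCP connection \d+ for [^:\s]+:([^/\s]+)/(\d+) "
    r"to [^:\s]+:([^/\s]+)/(\d+) duration \S+ bytes \d+\s*(.*)")

# Constructed sample lines (addresses, ports and connection id are made up).
SAMPLE = [
    "%ASA-6-302014: Teardown TCP connection 4711 for outside:10.10.0.5/20638 "
    "to inside:10.1.0.9/443 duration 0:00:30 bytes 5120 TCP Reset-O",
    "22 May 21 2008 14:00:01 106015 Deny TCP (no connection) from "
    "10.10.0.5/20638 to 10.1.0.9/443 flags ACK on interface outside",
    "%ASA-6-106015: Deny TCP (no connection) from 10.10.0.5/20638 "
    "to 10.1.0.9/443 flags PSH ACK  on interface outside",
    "%ASA-6-106015: Deny TCP (no connection) from 10.10.0.7/40000 "
    "to 10.1.0.9/443 flags ACK  on interface outside",
]

def flow_key(a, ap, b, bp):
    # Direction-independent key: both halves of a TCP flow map to one entry.
    return frozenset({(a, int(ap)), (b, int(bp))})

def correlate(lines):
    """Group 106015 denies per flow and attach the last teardown reason seen."""
    torn, report = {}, {}
    for line in lines:
        m = TEARDOWN.search(line)
        if m:
            a, ap, b, bp, reason = m.groups()
            torn[flow_key(a, ap, b, bp)] = reason.strip() or "unspecified"
            continue
        m = DENY.search(line)
        if m:
            src, sp, dst, dp, flags, iface = m.groups()
            key = flow_key(src, sp, dst, dp)
            entry = report.setdefault(key, {
                "teardown": torn.get(key),  # None: no teardown seen in input
                "denies": 0, "senders": set(), "flags": set()})
            entry["denies"] += 1
            entry["senders"].add(f"{src} via {iface}")
            entry["flags"].add(flags)
    return report

if __name__ == "__main__":
    for flow, info in correlate(SAMPLE).items():
        print(sorted(flow), info)
```

A flow whose `teardown` is `None` had no matching 302014 line in the input, so the denies cannot be tied to a reset from these logs alone.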