Quick PIX syslog Q!

Answered Question
Mar 30th, 2007

If a PIX closes a half-closed TCP connection after it's timeout period (default 10 mins), what code/text would that be logged as?

Thanks,

J

I have this problem too.
0 votes
Correct Answer by David White about 9 years 9 months ago

The PIX would log syslog 302014 (TCP connection termination message), and the reason would be "FIN Timeout"

%PIX|ASA-6-302014: Teardown TCP connection id for interface:real-address/real-port to interface:real-address/real-port duration hh:mm:ss bytes bytes [reason] [(user)]

Hope it helps,

David.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
David White Fri, 03/30/2007 - 08:25

The PIX would log syslog 302014 (TCP connection termination message), and the reason would be "FIN Timeout"

%PIX|ASA-6-302014: Teardown TCP connection id for interface:real-address/real-port to interface:real-address/real-port duration hh:mm:ss bytes bytes [reason] [(user)]

Hope it helps,

David.

Actions

This Discussion