08-17-2007 12:29 PM - edited 03-05-2019 05:57 PM
"106001: Inbound TCP connection denied from host(x.x.x.x), to websense flags SYN on interface inside", this is the error i am getting on my ASA 5500, could you please suggest me whats this? and how i solve it?
08-19-2007 08:11 PM
hi
hope this helps.
1. %PIX-2-106001: Inbound TCP connection denied from IP_address/port to IP_address/port flags tcp_flags on interface interface_name
This is a connection-related message. This message occurs when an attempt to connect to an inside address is denied by your security policy. Possible tcp_flags values correspond to the flags in the TCP header that were present when the connection was denied. For example, a TCP packet arrived for which no connection state exists in the PIX Firewall, and it was dropped. The tcp_flags in this packet are FIN and ACK. The tcp_flags are as follows: - ACK-The acknowledgment number was received. - FIN-Data was sent. - PSH-The receiver passed data to the application. - RST-The connection was reset. - SYN-Sequence numbers were synchronized to start a connection. - URG-The urgent pointer was declared valid.
Recommended Action: None required. Error Message %PIX-2-106002: protocol Connection denied by outbound list acl_ID src inside_address dest outside_address
regds
08-21-2007 07:44 AM
Hi Prem
I have opend the all ports in ACL, for this host, but its not working, as our main problem is websense is unable to disply the block page message on the system when user try to access the blocked websites that websense should do but ueser getting the "page cannot be displyed message instead". please help me.
08-22-2007 06:31 AM
check that your routing is symetric. many times this error and others like it are caused by asymetric routing.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: