Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
408
Views
0
Helpful
1
Replies

Help with IOS Firewall log message

ovt
Level 4
Level 4

‎09-04-2007 10:30 PM - edited ‎03-11-2019 04:06 AM

Hi!

If

ip inspect log drop-pkt

is enabled I see a lot of the following error messages:

%FW-6-DROP_TCP_PKT: Dropping tcp pkt 10.1.1.120:2740 => 10.7.1.6:25 due to Stray Segment -- ip ident 48234 tcpflags 0x5004 seq.no 2494264063 ack 2494264063

What does this mean?

Labels:
0 Helpful
1 Reply 1

vkapoor5
Level 5
Level 5

‎09-11-2007 06:18 AM

"Stray segment" message is logged whenver the FW TCP inspection doesn't expect a TCP message/segment given the session context. Example, reception of a SYN segment from outside to inside when expection is that SYN are initiated from inside.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card