Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
342
Views
0
Helpful
1
Replies

Connection status

sureshkum
Level 1
Level 1

‎09-28-2007 02:49 AM - edited ‎03-11-2019 04:18 AM

Hi, need help

In my firewall i have no rule play in inside interface for outbound traffic but i have a rule play for inbound traffic in outside interface saying that from my particular branch network can access my server through SMTP.Just i wanted to know the connections..

But i use the command sh conn state data_out | grep 172.30.x.x,It showing the details given bellow

TCP out 172.x.x.x:1198 in 172.30.x.x:25 idle 8:40:06 Bytes 630 flags UFROB

if i use the command sh conn state data_in | grep 172.30.x.x also, It showing the details same given bellow

TCP out 172.x.x.x:1198 in 172.30.x.x:25 idle 8:40:06 Bytes 630 flags UFROB

Kinldy provide me information..there is no difference in the above connection status in and out inforamtion. Y is it so?..Then how can find which source is generating traffic?

Data_in==inbound conn

Data_out=outbund conn...

Labels:
0 Helpful
1 Reply 1

sundar.palaniappan
Level 10
Level 10

‎09-28-2007 11:15 AM

The flags should help you deteremine whether the connection was initiated from inside or outside.

In your scenario the connection was initiated from outside based on the flag B.

UFROB --> (B) indicates initial SYN from outside

show conn detail would show the flags information.

HTH

Sundar

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card