cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
792
Views
0
Helpful
2
Replies

ASA blocking TCP Traffic...why?

darkid123
Level 1
Level 1

Hi,

I'm having a problem with my ASA dropping TCP connections. I have a Websense box going to an ASA, then out to a Nokia/Checkpoint FW, and then to the outside. When I try pinging the outside, it works fine. However, as soon as I try any TCP traffic, the ASA blocks it. I checked the Checkpoint logs and everything is allowed to go through, but once it hits the ASA, it drops. I have all my interfaces set to allow all on the ASA, so I really can't see why it's doing this...

I attached a log file from my Websense box trying to access the internet. Anyone's help appreciated!

Thanks.

6 Oct 24 2007 11:18:42 106015 WEBSENSE 69.147.114.210 Deny TCP (no connection) from WEBSENSE/1118 to 69.147.114.210/80 flags RST on interface DMZ

2 Replies 2

m
Level 1
Level 1

hi darkid123.

as described in the syslog-reference for ASAs it looks like asymetric routing!?

106015

Error Message %PIX|ASA-6-106015: Deny TCP (no connection) from IP_address/port to

IP_address/port flags tcp_flags on interface interface_name.

Explanation The security appliance discarded a TCP packet that has no associated connection in the security appliance connection table. The security appliance looks for a SYN flag in the packet, which indicates a request to establish a new connection. If the SYN flag is not set, and there is not an existing connection, the security appliance discards the packet.

Recommended Action None required unless the security appliance receives a large volume of these invalid TCP packets. If this is the case, trace the packets to the source and determine the reason these packets were sent.

purohit_810
Level 5
Level 5

Websense is droping your Yahoo website. Open Meebo.com.

- Dharmesh

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: