LOGS on PIX

Unanswered Question
Nov 13th, 2007

I have the following Logs .

%PIX-6-202522: Built outbound TCP connection 258647931 for DLS-DMZ:172.16.55.4/8080 (62.241.155.45/8080) to inside:192.168.1.5/55192 (192.168.1.5/55192)

%PIX-6-202522: Teardown TCP connection 258647935 for DLS-DMZ:172.16.55.4/8080 to inside:192.168.1.5/33189 duration 0:11:54 bytes 584625 TCP FINs

%PIX-6-202522: Teardown TCP connection 258647955 for DLS-DMZ:172.16.55.4/8080 to inside:192.168.1.5/57279 duration 0:05:44 bytes 9654 TCP FINs

%PIX-6-105012: Deny TCP (no connection) from 192.168.1.5/54517 to 215.15.85.2/8080 flags FIN ACK on interface inside

%PIX-6-105012: Deny TCP (no connection) from 192.168.1.5/59118 to 215.15.85.2/8080 flags FIN ACK on interface inside

%PIX-6-105012: Deny TCP (no connection) from 192.168.1.5/44205 to 215.15.85.2/8080 flags FIN ACK on interface inside

what does these logs mean and is the deny word normal after teardown the session or not?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jbayuka Mon, 11/19/2007 - 08:52

Use the logging list command in order to capture the syslog for LAN-to-LAN and Remote access IPsec VPN messages alone. This example captures all VPN (IKE and IPsec) class system log messages with debugging level or higher.

Refer to the document PIX/ASA 7.x and later with Syslog Configuration Example

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml#capturevpn

Actions

This Discussion