ASA 5520 causing sender timeouts on smtp server

Unanswered Question
Jun 18th, 2008

We have a new 5520 in place that is causing problems with some inbound email to us from the internet. It is causing a "sender timeout" message on the Barracuda spam firewall.

I was able to correlate the following messages from the log with the sender timeouts. It appears that the ASA is denying the traffic after the initial connection.

Here are a couple of log messages. It starts out with the ASA tearing down the connection and then denying the next packet in.

1. Teardown TCP connection 67287318 for outside:82.x.y.z/2793 to inside:10.a.b.c/25 duration 0:00:01 bytes 187 TCP FINs

2. Deny TCP (no connection) from 82.x.y.z/2793 to 63.a.b.c/25 flags FIN ACK on interface outside


hadbou Tue, 06/24/2008 - 07:54

1) The error message "Teardown TCP connection" states that a TCP connection between two hosts was deleted.

Refer to the following URL for more information on the error message "Teardown TCP connection":

2) Error Message %ASA-6-106015: Deny TCP (no connection) from IP_address/port to IP_address/port flags tcp_flags on interface interface_name.

Explanation: The security appliance discarded a TCP packet that has no associated connection in the security appliance connection table. The security appliance looks for a SYN flag in the packet, which indicates a request to establish a new connection. If the SYN flag is not set, and there is not an existing connection, the security appliance discards the packet.

Recommended Action: None required unless the security appliance receives a large volume of these invalid TCP packets. If this is the case, trace the packets to the source and determine the reason these packets were sent.
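
The correlation described in the question (a teardown followed by a "Deny TCP (no connection)" for the same outside peer) can be automated over an exported log; this is an added example, not part of the original thread. The timestamp prefix, the sample addresses and the 5-second window are assumptions, and matching uses only the outside peer's IP/port because the destination appears as the inside address in one message and as the public address in the other.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in the format quoted in the thread; the timestamps
# and the documentation-range addresses are made up for this example.
SAMPLE_LOG = """\
Jun 18 2008 10:15:01: Teardown TCP connection 1001 for outside:203.0.113.7/2793 to inside:10.0.0.25/25 duration 0:00:01 bytes 187 TCP FINs
Jun 18 2008 10:15:01: Deny TCP (no connection) from 203.0.113.7/2793 to 198.51.100.25/25 flags FIN ACK on interface outside
Jun 18 2008 10:15:09: Teardown TCP connection 1002 for outside:203.0.113.8/4100 to inside:10.0.0.25/25 duration 0:00:04 bytes 5120 TCP FINs
Jun 18 2008 10:20:30: Deny TCP (no connection) from 203.0.113.9/5000 to 198.51.100.25/25 flags RST on interface outside
"""

TS = r"(?P<ts>\w{3} +\d+ \d{4} \d\d:\d\d:\d\d): "
# Assumption: the remote peer is on the interface named "outside", as in the thread.
TEARDOWN = re.compile(TS + r"Teardown TCP connection (?P<id>\d+) for outside:(?P<peer>[\d.]+/\d+) "
                      r"to \S+ duration \S+ bytes (?P<bytes>\d+) (?P<reason>.+)")
DENY = re.compile(TS + r"Deny TCP \(no connection\) from (?P<peer>[\d.]+/\d+) "
                  r"to \S+ flags (?P<flags>.+) on interface (?P<intf>\S+)")

def parse_ts(text):
    return datetime.strptime(text, "%b %d %Y %H:%M:%S")

def correlate(log_text, window_seconds=5):
    """Pair each 'Deny TCP (no connection)' with a teardown of the same
    outside peer ip/port seen at most window_seconds earlier."""
    recent = {}  # peer "ip/port" -> (teardown time, conn id, byte count, reason)
    paired, unpaired = [], []
    for line in log_text.splitlines():
        if m := TEARDOWN.match(line):
            recent[m["peer"]] = (parse_ts(m["ts"]), m["id"], int(m["bytes"]), m["reason"])
        elif m := DENY.match(line):
            when, hit = parse_ts(m["ts"]), recent.get(m["peer"])
            if hit and timedelta(0) <= when - hit[0] <= timedelta(seconds=window_seconds):
                paired.append({"peer": m["peer"], "conn_id": hit[1], "bytes": hit[2],
                               "reason": hit[3], "flags": m["flags"],
                               "gap_s": (when - hit[0]).total_seconds()})
            else:
                unpaired.append({"peer": m["peer"], "flags": m["flags"]})
    return paired, unpaired

if __name__ == "__main__":
    paired, unpaired = correlate(SAMPLE_LOG)
    for p in paired:
        print("late packet after teardown:", p)
    for u in unpaired:
        print("no matching teardown:", u)
```

Paired entries are late packets for a connection the firewall had already closed; unpaired denies have no recent teardown behind them and are the ones worth tracing to their source.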

