Can I drop an inbound to outside interface connection to my ASA 5520

Unanswered Question
Oct 31st, 2008

Hi,


From NetFlow Analyzer I can see a connection from an external IP to my ASA's outside interface that's been going for 2 hours and downloaded 3GB of data so far. How can I kill this connection? It's an HTTP connection.


Thanks

cisco24x7 Fri, 10/31/2008 - 06:33

You can shun the connection or perform a "clear xlate" on that connection.

whiteford Fri, 10/31/2008 - 06:36

Thanks, what do I type after "clear xlate" if the IP I need to drop is 1.2.3.4?


Thanks

srue Fri, 10/31/2008 - 07:13

clear local-host is good for this also.

whiteford Fri, 10/31/2008 - 07:23

Thanks, will this drop that single external IP that's coming inbound? I don't want to drop all connections.


Thanks

Brent Rockburn Fri, 10/31/2008 - 09:36

Why don't you just put up an ACL blocking that IP on the outside interface?
