traffic issues

Unanswered Question
Nov 18th, 2008

Hi all. One of my regional site is replicating sql traffic to our main sql server located in headquarters. However we receive many fail replication errors. On checking the firewall log i notice the following which shows that my regional sql server fail to connect to my main sql server. There is a deny traffic after the origination connection was teardown. How do i solve this? Thks in advance.

2008-11-06 18:17:57 Local4.Info 192.168.1.252 Nov 06 2008 03:29:35: %ASA-6-302014: Teardown TCP connection 25242900 for outside:sqlsvr/2411 to inside:mainsqlsvr/1433 duration 0:51:01 bytes 1042132 TCP Reset-I

2008-11-06 18:17:57 Local4.Info 192.168.1.252 Nov 06 2008 03:29:36: %ASA-6-106015: Deny TCP (no connection) from sqlsvr/2411 to mainsqlsvr/1433 flags ACK on interface outside

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
smahbub Tue, 11/25/2008 - 09:46

Error Message - %PIX|ASA-6-302014: Teardown TCP connection id for

interface:real-address/real-port to interface:real-address/real-port duration hh:mm:ss bytes

bytes [reason] [(user)]

Explanation - A TCP connection between two hosts was deleted. The following list describes the message values:

•connection id is an unique identifier.

•interface, real-address, real-port identify the actual sockets.

•duration is the lifetime of the connection.

•bytes bytes is the data transfer of the connection.

•user is the AAA name of the user.

The reason variable presents the action that causes the connection to terminate.

----

Error Message - %PIX|ASA-6-106015: Deny TCP (no connection) from IP_address/port to

IP_address/port flags tcp_flags on interface interface_name.

Explanation - The security appliance discarded a TCP packet that has no associated connection in the security appliance connection table. The security appliance looks for a SYN flag in the packet, which indicates a request to establish a new connection. If the SYN flag is not set, and there is not an existing connection, the security appliance discards the packet.

Recommended Action - None required unless the security appliance receives a large volume of these invalid TCP packets. If this is the case, trace the packets to the source and determine the reason these packets were sent.

Actions

This Discussion