FWSM - Teardown Resets

Answered Question
Mar 12th, 2009

Hi,

What is the explanation of Reset-I and Reset-O in the FWSM Teardown log messages.

On the outside of FWSM, the ACE bridges two VLANs lets says 5 & 6 and IDSM bridges 6 & 7. Can ACE and/or IDSM send a Reset which I see in the FWSM log.

Also how would a Reset-I/O show if it is coming from a DMZ of the FWSM.

I have this problem too.
0 votes
Correct Answer by Syed Iftekhar Ahmed about 7 years 8 months ago

Reset-I means FWSM recieved a Reset from the inside.

Reset-O means FWSM recieved a Reset from outside.

These resets will be occurring because the resource you are trying to

connect to is not allowing a connection or is forcibly closing an established

connection.

FWSM generates these messages when its cleaning up the state table (Remember Client/server has alreday disconnected the connection using RST)

You should gather captures from both relevant interfaces on the FWSM and try to figure out which resource is the source of these RSTs. You

can do this by using SPAN sessions.

Syed Iftekhar Ahmed

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Syed Iftekhar Ahmed Fri, 03/13/2009 - 12:24

Reset-I means FWSM recieved a Reset from the inside.

Reset-O means FWSM recieved a Reset from outside.

These resets will be occurring because the resource you are trying to

connect to is not allowing a connection or is forcibly closing an established

connection.

FWSM generates these messages when its cleaning up the state table (Remember Client/server has alreday disconnected the connection using RST)

You should gather captures from both relevant interfaces on the FWSM and try to figure out which resource is the source of these RSTs. You

can do this by using SPAN sessions.

Syed Iftekhar Ahmed

Actions

This Discussion