syslog %ASA-6-106015

nguyen-thieu

Getting this from syslog from Cisco ASA:

%ASA-6-106015: Deny TCP (no connection) from 141.197.138.74/4778 to 10.252.2.181/5061 flags ACK on interface inside

Is it something that I should be concerned about? Or how do I fix it?

Thanks


Patrick Iseli

Depends how many of them you get.

Basically there is no entry in the stateful firewall table for an initial SYN request, so the firewall is refusing the connection.

Cause:

a.) Asymmetric routing

b.) Timeout issues

http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html#wp1279822

Error Message: %PIX|ASA-6-106015: Deny TCP (no connection) from IP_address/port to IP_address/port flags tcp_flags on interface interface_name.

Explanation: The security appliance discarded a TCP packet that has no associated connection in the security appliance connection table. The security appliance looks for a SYN flag in the packet, which indicates a request to establish a new connection. If the SYN flag is not set, and there is not an existing connection, the security appliance discards the packet.

Recommended Action: None required unless the security appliance receives a large volume of these invalid TCP packets. If this is the case, trace the packets to the source and determine the reason these packets were sent.

Sincerely

Patrick
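
One way to act on the "large volume" guidance quoted above is to count 106015 denies per flow and look only at the flows that repeat. The following is an added example, not part of the original thread or Cisco's documentation; the function names, the threshold of 3 and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Matches the 106015 format quoted above (PIX or ASA prefix, one or more TCP flags).
MSG_106015 = re.compile(
    r"%(?:PIX|ASA)-6-106015: Deny TCP \(no connection\) "
    r"from (?P<src>[\d.]+)/(?P<sport>\d+) to (?P<dst>[\d.]+)/(?P<dport>\d+) "
    r"flags (?P<flags>[A-Z ]+?) on interface (?P<iface>\S+)"
)

def parse_106015(line):
    """Return the message fields as a dict, or None if the line is not a 106015 message."""
    m = MSG_106015.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["flags"] = tuple(rec["flags"].split())
    return rec

def noisy_flows(lines, threshold):
    """Count denies per (src, dst, dst port, interface); keep flows at or above threshold.

    The source port is left out of the key because it changes per connection.
    """
    counts = Counter()
    for line in lines:
        rec = parse_106015(line)
        if rec is not None:
            counts[(rec["src"], rec["dst"], rec["dport"], rec["iface"])] += 1
    return {flow: n for flow, n in counts.items() if n >= threshold}

# Constructed sample log: the flow from the question repeated with different source
# ports, one unrelated 106015 flow, and one message of another type.
SAMPLE = [
    f"%ASA-6-106015: Deny TCP (no connection) from 141.197.138.74/{p} "
    "to 10.252.2.181/5061 flags ACK on interface inside"
    for p in (4778, 4779, 4780, 4781)
] + [
    "%ASA-6-106015: Deny TCP (no connection) from 192.0.2.10/51000 "
    "to 198.51.100.5/443 flags RST ACK on interface outside",
    "%ASA-6-302013: Built inbound TCP connection 1234 for outside:192.0.2.10/51001 "
    "(192.0.2.10/51001) to inside:198.51.100.5/443 (198.51.100.5/443)",
]

if __name__ == "__main__":
    # The threshold of 3 is an assumed cut-off for this sample, not a Cisco-recommended value.
    for flow, n in noisy_flows(SAMPLE, 3).items():
        print(n, *flow)
```

A flow that keeps reappearing between the same two hosts points toward the asymmetric routing or timeout causes named in the reply, and gives the source to trace.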
