syslog %ASA-6-106015

Unanswered Question
Mar 25th, 2009

Getting this in syslog from a Cisco ASA:

%ASA-6-106015: Deny TCP (no connection) from 141.197.138.74/4778 to 10.252.2.181/5061 flags ACK on interface inside

Is it something that I should be concerned about? Or how do I fix it?

Thanks

Patrick Iseli Wed, 03/25/2009 - 18:13

Depends how many of them you get.

Basically, there is no entry in the stateful firewall table of an initial SYN request, so the firewall is refusing the connection.

Cause:

a.) Asymmetric routing

b.) Timeout issues

http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html#wp1279822

Error Message %PIX|ASA-6-106015: Deny TCP (no connection) from IP_address/port to IP_address/port flags tcp_flags on interface interface_name.

Explanation The security appliance discarded a TCP packet that has no associated connection in the security appliance connection table. The security appliance looks for a SYN flag in the packet, which indicates a request to establish a new connection. If the SYN flag is not set, and there is not an existing connection, the security appliance discards the packet.

Recommended Action None required unless the security appliance receives a large volume of these invalid TCP packets. If this is the case, trace the packets to the source and determine the reason these packets were sent.

Sincerely,

Patrick
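
The recommended action quoted above only applies when these denies arrive in volume, so the first step is to count them per flow. The following is an added example, not part of the original thread or Cisco's documentation: it parses 106015 messages using the format string quoted in the reply and reports flows at or above a threshold. The function names, the threshold value and the sample lines (built from the line in the question plus a documentation-range address) are assumptions made for illustration.

```python
import re
from collections import Counter

# Layout follows the Cisco format string quoted in the reply above.
MSG_106015 = re.compile(
    r"%(?:ASA|PIX)-6-106015: Deny TCP \(no connection\) from "
    r"(?P<src>[\d.]+)/(?P<sport>\d+) to (?P<dst>[\d.]+)/(?P<dport>\d+) "
    r"flags (?P<flags>.+?)\s+on interface (?P<iface>\S+)"
)

def parse_106015(line):
    """Return the fields of a 106015 message as a dict, or None for any other line."""
    m = MSG_106015.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["sport"], rec["dport"] = int(rec["sport"]), int(rec["dport"])
    return rec

def noisy_flows(lines, threshold=3):
    """Count denies per (src, dst, dport, flags, iface), ignoring the source port.

    Returns [(key, count)] for keys seen at least `threshold` times, busiest first.
    The threshold is an assumed value; tune it to the log window being examined.
    """
    counts = Counter()
    for line in lines:
        rec = parse_106015(line)
        if rec:
            key = (rec["src"], rec["dst"], rec["dport"], rec["flags"], rec["iface"])
            counts[key] += 1
    return [(key, n) for key, n in counts.most_common() if n >= threshold]

# Constructed sample input: the message from the question repeated with different
# source ports, one message with two TCP flags, and one unrelated line.
PREFIX = "%ASA-6-106015: Deny TCP (no connection) from "
SAMPLE = [
    PREFIX + f"141.197.138.74/{port} to 10.252.2.181/5061 flags ACK on interface inside"
    for port in (4778, 4779, 4780)
] + [
    PREFIX + "192.0.2.10/51000 to 10.252.2.181/443 flags FIN ACK  on interface outside",
    "Mar 25 15:58:04 fw1 unrelated message (constructed)",
]

if __name__ == "__main__":
    for key, n in noisy_flows(SAMPLE):
        print(n, *key)
```

Grouping on source, destination, destination port and flags keeps one misbehaving flow from being split across many source ports, which makes repeated denies for the same pair stand out when checking the two causes listed in the reply.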

Posted March 25, 2009 at 3:58 PM