Firewall tear down of connection

Unanswered Question
Aug 1st, 2009
User Badges:


I have a query regarding firewalls tearing down the connections.

I was testing one of my webservers, the connection works fine. When i look at logs in firewall for this connection, it shows below:-

|Aug 01 2009 14:13:21|302013: Built inbound TCP connection 12379739847949979872

for VPN: ( to APP: (

Aug 01 2009 14:13:23|302014: Teardown TCP connection 12379739847949979839 for

VPN: APP: duration 0:00:03 bytes 15106 TCP


Why does the firewall built & then immediately(within 3 secs) try to break the connection as seen above.But even so , the web page works fine & am able to use it.

Please advise.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Kureli Sankar Mon, 08/03/2009 - 19:09
User Badges:
  • Cisco Employee,

Tear down reason TCP FINs means that the connection was gracefully closed.

You need to collect captures to see exactly what happens and who sends the first fin ack.

Here is the link to the syslog that you are seeing:


This Discussion