This may seem strange, but i am having this weird problem when looking at the ASA 5520 logging from ASDM.
When i opened up the Real-Time Logging in ASDM, i noticed that the Source and Destination IP and ports are swapped. For example, my host has an IP of 172.16.1.1, accessing a server 18.104.22.168 @ TCP 80. When i look at the traffic logging, the Source IP shows 22.214.171.124 and Source port TCP 80, destination IP shows 172.16.1.1 and Dest. Port shows some random generated high port.
I did not noticed when this problem occurred, just realised it recently while doing some checking. Any ideas what may cause this?
Or is it time to reboot the firewall?