Don't know if I'm being really dumb, but I've got an ASA set up as a VPN concentrator, which works fine. My issue is that the ASA is sending a RST/ACK packet back to a host when it's dropped by an ACL.
Has anyone come across this?
By default "service resetoutbound" is enabled for all interfaces on the firewall. This command is used to enable resets for denied TCP connections. You can disable this by entering the following command in the config mode:
no service resetoutbound
More information can be found here: