Odd ASA log event

Unanswered Question

We're receiving a multitude of the following syslog ID & description, on our edge ASA:

%ASA-4-507003: tcp flow from inside:<output omitted> to outside:<output omitted> terminated by inspection engine, reason - inspector reset unconditionally.

Based on the following article from Cisco.com, http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp5607032, this is a standard log event, with a recommendation of "No Action Required". Unfortunately, the reason "inspector reset unconditionally" isn't sitting well with me. Can anyone shed some insight on what that reason may actually indicate, with regards to a particular TCP session?


Jeff Bull

Systems Specialist 2

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Panos Kampanakis Tue, 05/11/2010 - 17:32

There was defect CSCsv83232 that would print out that syslog when something was denied by url filtering.

It was fixed in 8.0.5 and 8.2.1. Not sure what version you are running but you could be hitting it.

I hope it helps.



This Discussion