In my syslog server configured for Cisco PIX 6.3,
I see lot of Built and teardown connections.
Logic says if something is built then there should be a teardown.
But I do not see teardowns for some connections even though I know that path is already broken long time ago.
May 3 09:44:16 ::ffff:18.104.22.168 May 03 2012 12:50:32 cfwprd1a : %PIX-6-302013: Built inbound TCP connection 954594374 for dcn:10.199.58.15/33646 (10.199.58.15/33646) to dmz:172.16.169.238/443 (22.214.171.124/443)
Why is there no teardown for the above in my syslog server?
And this is not just one - there are many meesages that do not have teardowns.