While in ASDM via the management interface, I get ASA log entries every 30 seconds with 'deny TCP (no connection) from *** to ***/443 flags FIN ACK on interface management'. Operation of ASDM is not impacted, but I'd like to correct this if possible.
I did a recreate in my lab. I saw the exact same behaviour.
What we are all seeing appears to be normal behavior.
When you load up ASDM, there is one main connection to the ASA interface on port 443 via which the GUI is populated. The other possible connection could be the logging connection via which ASDM gets logs from the ASA.
Apart from this, if there is any command which you need to execute from ASDM, or when you navigate through ASDM windows/frames, most of them would cause ASDM to send a command to the ASA and use the output to populate the fields on the GUI. These commands are *not* sent on the same connection via which the GUI is visible, but via a new separate connection. As soon as the ASA gets the output, the connection is closed and the FIN+ACK is denied because the connection no longer exists.
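As an added example (not part of the original posts), the following Python triage separates the deny entries described above, FIN ACK to the ASA's management address on port 443, from other "no connection" denies that still deserve a look. It assumes the standard `%ASA-6-106015` syslog format; the log lines, addresses and the `triage` function name are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample syslog lines (documentation address ranges), not from the thread.
SAMPLE_LOG = """\
%ASA-6-106015: Deny TCP (no connection) from 192.0.2.10/51514 to 192.0.2.1/443 flags FIN ACK  on interface management
%ASA-6-302013: Built inbound TCP connection 4021 for management:192.0.2.10/51530 (192.0.2.10/51530) to identity:192.0.2.1/443 (192.0.2.1/443)
%ASA-6-106015: Deny TCP (no connection) from 192.0.2.10/51530 to 192.0.2.1/443 flags FIN ACK  on interface management
%ASA-6-106015: Deny TCP (no connection) from 198.51.100.7/40000 to 192.0.2.1/443 flags RST  on interface management
%ASA-6-106015: Deny TCP (no connection) from 192.0.2.10/51600 to 203.0.113.5/80 flags FIN ACK  on interface inside
"""

# Assumed message layout: src/port, dst/port, TCP flags, ingress interface.
DENY_RE = re.compile(
    r"%ASA-6-106015: Deny TCP \(no connection\) from "
    r"(?P<src>[\d.]+)/(?P<sport>\d+) to (?P<dst>[\d.]+)/(?P<dport>\d+) "
    r"flags (?P<flags>[A-Z ]+?)\s+on interface (?P<ifc>[\w-]+)"
)


def triage(log_text, asa_mgmt_ip, mgmt_ifc="management"):
    """Split 106015 denies into the ASDM teardown pattern and everything else.

    Returns (Counter of source IPs matching the pattern, list of other deny lines).
    """
    asdm_like = Counter()
    other = []
    for line in log_text.splitlines():
        m = DENY_RE.search(line)
        if not m:
            continue  # not a "no connection" deny
        is_asdm_pattern = (
            m["dst"] == asa_mgmt_ip
            and m["dport"] == "443"
            and m["flags"].split() == ["FIN", "ACK"]
            and m["ifc"] == mgmt_ifc
        )
        if is_asdm_pattern:
            asdm_like[m["src"]] += 1
        else:
            other.append(line)
    return asdm_like, other


if __name__ == "__main__":
    expected, review = triage(SAMPLE_LOG, asa_mgmt_ip="192.0.2.1")
    print("ASDM teardown pattern, by source:", dict(expected))
    print("Other no-connection denies to review:")
    for entry in review:
        print("  ", entry)
```

Sources in the first group should be known ASDM management workstations; a source there that is not one, or any entry in the second group, is worth checking separately.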