Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA5550 TCP connection denied

cisco ASA5550 Inbound TCP connection denied from 172.XX.XXX.2/3314 to 172.16.XX.XX/XXX flags SYN  on interface inside

2 REPLIES
New Member

Can you post a config, or at

Can you post a config, or at least the ACLs that you have for either of those networks?

You may need to enable logging on those particular ACLs in order for me/us to figure out why these are being denied.  

See this about turning logging on.  It will give your logs more information, including which ACL is denying these packets

 

http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/acl_logging.pdf

Hall of Fame Super Silver

Are both the source and

Are both the source and destination address downstream from your inside interface? If so, you need to have "same-security-traffic" enabled in your configuration. Reference

47
Views
0
Helpful
2
Replies
CreatePlease login to create content