The question here is why is the host sending incorrect tcp packets ( SYN packest) In this case you will need to work on the host first and see why is doing that. BUT if you want to solve this on the easiest and non-secure way you will need to configure a TCP state bypass rule so the ASA will no longer statefully inspect the TCP connections:
access-list test permit tcp host ip_host_behind_asa host outside_server
match access-list test
set connection advanced-options tcp-state-bypass
Do rate all the helpful posts!!
Julio Carvajal Senior Network Security and Core Specialist CCIE #42930, 2xCCNP, JNCIP-SEC
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...