Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Firewall tear down of connection

Hi,

I have a query regarding firewalls tearing down the connections.

I was testing one of my webservers, the connection works fine. When i look at logs in firewall for this connection, it shows below:-

|Aug 01 2009 14:13:21|302013: Built inbound TCP connection 12379739847949979872

for VPN:192.168.100.249026 (192.168.100.2/49026) to APP:192.168.200.10/7014 (192.168.200.10/7014)

Aug 01 2009 14:13:23|302014: Teardown TCP connection 12379739847949979839 for

VPN:192.168.100.249026to APP:192.168.200.10/7014 duration 0:00:03 bytes 15106 TCP

FINs

Why does the firewall built & then immediately(within 3 secs) try to break the connection as seen above.But even so , the web page works fine & am able to use it.

Please advise.

Thanks!

1 REPLY
Cisco Employee

Re: Firewall tear down of connection

Tear down reason TCP FINs means that the connection was gracefully closed.

You need to collect captures to see exactly what happens and who sends the first fin ack.

Here is the link to the syslog that you are seeing:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/system/message/logmsgs_external_docbase_0900e4b1804ca185_4container_external_docbase_0900e4b1805ba0fa.html#wp1280675

1335
Views
0
Helpful
1
Replies