I am getting the below logs in one of my ASAs when trying to access one destination IP. I have a site-to-site VPN established from this firewall and have
18.104.22.168/25 added in VPN tunnel encryption. However, I am blocking 22.214.171.124/32 through the tunnel and sending it over plain internet. This firewall is behind a perimeter firewall. Usually NATing will be happening in the perimeter firewall. Since I was not able to access this IP from the desktops which are behind this ODC firewall, I have placed NAT statements in the ODC firewall and am getting the below logs in the ODC firewall.
TCP PAT from inside:10.222.6.14/54436 to outside:126.96.36.199/54436 flags ri idle 0:00:15 timeout 0:00:30
This is an old thread, but for anyone that stumbles on it like I did, I found an answer for my own presentation of this odd behavior.
We took a wireshark, and the cipher specs were failing to negotiate for tcp/443 (https). This led to the sxaA flags showing up in the conn, and then quickly disappearing. Because the negotiation is so fast, it's hard to catch in that table.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log in using the username and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit tcp from the inside interface to any6.
In Syslog I also se...