Not positive, but that IP address definitely resolves to my ISPs "big" DNS in the sky. What does the logger line appear to be blocking? All I know is that all of a sudden some of the domains I hold DNS entries for are having some issues and I noticed all these denied packets on the DNS port. Thanks for any suggestions.
It looks to me like the external dns server is replying to a request from an inside host when the connection in the firewall has already been torn down. Therefore there is no associated connection in the ASA and it drops the packet.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...