Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Problem with connection establishment

Hi

I'm getting the following message appear in my syslog from our pix 515E firewall running OS version 6.2

106015: Deny TCP (no connection) from 10.12.8.20/2710 to 10.23.9.20/13720 flags ACK on interface dmz1

Could someone please help me with this, and why it would be denying the traffic. My access-list has now been simplified to "permit ip any any", and I'm not running nat as shown below:

nat (data) 0 10.10.8.0 255.255.248.0 0 0

nat (dmz1) 0 10.12.8.0 255.255.248.0 0 0

static (data,green) N_live N_live netmask 255.255.255.255 0 0

static (data,green) 10.10.8.20 10.10.8.20 netmask 255.255.255.255 0 0

static (dmz1,green) V_DMZ1 V_DMZ1 netmask 255.255.255.255 0 0

Any thoughts?

Thanks in advance

Dan

1 REPLY
Bronze

Re: Problem with connection establishment

For that Change the NAT(dmz) 0 to NAT (dmz) and also

allow icmp to pass through.

For the further configuration refer the below URL :

http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aad.shtml

112
Views
0
Helpful
1
Replies
CreatePlease to create content