Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
294
Views
0
Helpful
2
Replies

Error Message 106001 in Logs

sdettelepak
Level 1
Level 1

‎06-27-2006 06:18 PM - edited ‎03-09-2019 03:25 PM

My Logs are flooded with this message:

Jun 27 2006 11:54:40|106001: Inbound TCP connection denied from 192.168.11.15/4670 to 192.168.11.138/3500 flags SYN on interface Inside

I dont understand why this happening, especially when both machines are on the inside interface. Here is my config if it helps.

Labels:
Preview file
4 KB
0 Helpful
2 Replies 2

spremkumar
Level 9
Level 9

‎06-27-2006 08:43 PM

Hi

As per CCO its just a connection notification message no action required.

do refer this link for more info..

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_system_message_guide_chapter09186a008008d2b2.html#36183

regds

0 Helpful

grant.maynard
Level 4
Level 4

‎06-27-2006 11:34 PM

ASA is dropping those packets because source and destination are on the same interface. PIX will never send icmp redirect (as a router could) and will only allow this traffic if it is v7.2 and you have "same-security-traffic permit intra-interface", and even then it must see both halves of the connection.

Your best bet is to find out why this is getting sent to the ASA and change it.

0 Helpful
Customers Also Viewed These Support Documents