Cisco Support Community

Pix showing wrong connections (with saA flag)!!!!!!!!!!!


Our Pix Firewall is showing unwanted TCP as well as UDP connections originating from the Outside interface (Sec level 0) to the inside interface (security level 100) while issuing the "sh conn" command. The things confusing me are:

1. The connections are shown coming from the Outside interface (which is administratively down and whose link is also down) to the inside

2. The TCP connections show flag saA for these instances and UDP connections are shown without flags.

So, it seems basically as if the Pix Firewall itself is seeing connections which logically and physically are not possible (as the source IPs shown in the "show conn" command for these instances come from the Outside interface, which is inactive).

Moreover, when the "show conn state up" command is used, the correct active connections are displayed. Can anyone explain to me this faulty occurrence of intrinsic connections by the Pix Firewall and how these can be removed?
