TCP Reset-0 Message in the Firewall from external router
Posted on 2009-04-29
Remore access to a 2811 router from a local LAN via ssh across a firewall was working fine.
Suddenly, the ssh connection was not getting thru and we were getting following error from putty:
Fatal Putty Error: network error, software caused connection abort.
After seeing through the firewall logs, i found below messages:
%FWSM-6-305011: Built dynamic tcp translation from Internal:172.19.107.54/3929 to External:188.8.131.52/29797
%FWSM-6-302013: Built outbound TCP connection 219025379 for Internal:172.20.100.54/3929 (184.108.40.206/29797) to External:220.127.116.11/22 (18.104.22.168/22)
%FWSM-6-302014: Teardown TCP connection 219025379 for Internal:172.20.108.54/392 9 to External:22.214.171.124/22 duration 0:00:00 bytes 244 TCP Reset-O
How come the router is sending a reply with reset bit set. ? What does it mean ? Does it at all reflect remotely to any kind of DoS attack ?
In any case, what is the way out. ?