I have an ASA with the following: What does the following mean? "Deny TCP (no connection) from/to flags FIN ACK on interface inside"

I keep getting the above error.  It is not explicitly denying the packet, but was wondering what the error means.
Asked by NWSBexch
 
Voltz-dk Commented:
It is a common log.  It's a packet that is received after the connection has been closed down in the ASA.
If you have syslog on informational, you'll see that you receive a Teardown syslog (which also states why it's closed) on the connection in question prior to this deny.
The packet is indeed denied, but it's got FIN flag set so it's part of the graceful connection teardown anyways.
0
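The correlation described in the answer above, as an added example that is not part of the original thread: it pairs each deny (ASA message ID 106015) with an earlier teardown (302014) of the same endpoint pair and reports the teardown reason. The log lines, addresses and the 60-second window are constructed, and the patterns cover only the plain form of the two messages.

```python
import re
from datetime import datetime, timedelta

# Constructed sample syslog lines (documentation addresses), not from the thread.
SAMPLE_LOG = """\
Jan 10 2024 10:00:01 asa1 : %ASA-6-302013: Built outbound TCP connection 4101 for outside:198.51.100.20/443 (198.51.100.20/443) to inside:192.0.2.10/51000 (192.0.2.10/51000)
Jan 10 2024 10:00:31 asa1 : %ASA-6-302014: Teardown TCP connection 4101 for outside:198.51.100.20/443 to inside:192.0.2.10/51000 duration 0:00:30 bytes 5120 TCP FINs
Jan 10 2024 10:00:32 asa1 : %ASA-6-106015: Deny TCP (no connection) from 192.0.2.10/51000 to 198.51.100.20/443 flags FIN ACK  on interface inside
Jan 10 2024 10:05:00 asa1 : %ASA-6-106015: Deny TCP (no connection) from 192.0.2.77/40000 to 198.51.100.99/22 flags ACK  on interface inside
"""

TS = r"(?P<ts>\w{3} +\d+ \d{4} [\d:]{8})"
# Plain message forms only (no identity-firewall user fields).
TEARDOWN = re.compile(TS + r".*%ASA-6-302014: Teardown TCP connection \d+ for "
                      r"\S+?:(?P<a>[\d.]+/\d+) to \S+?:(?P<b>[\d.]+/\d+) "
                      r"duration \S+ bytes \d+ ?(?P<reason>.*)")
DENY = re.compile(TS + r".*%ASA-6-106015: Deny TCP \(no connection\) from "
                  r"(?P<a>[\d.]+/\d+) to (?P<b>[\d.]+/\d+) flags (?P<flags>[A-Z ]+?) +on interface")

def parse_ts(text):
    return datetime.strptime(text, "%b %d %Y %H:%M:%S")

def classify_denies(log, window=timedelta(seconds=60)):
    """Pair each 106015 deny with a recent teardown of the same endpoint pair."""
    torn_down = {}  # frozenset of the two ip/port endpoints -> (time, reason)
    results = []
    for line in log.splitlines():
        if m := TEARDOWN.search(line):
            key = frozenset((m["a"], m["b"]))
            torn_down[key] = (parse_ts(m["ts"]), m["reason"].strip())
        elif m := DENY.search(line):
            prior = torn_down.get(frozenset((m["a"], m["b"])))
            when = parse_ts(m["ts"])
            if prior and timedelta(0) <= when - prior[0] <= window:
                verdict = f"late packet after teardown ({prior[1]})"
            else:
                verdict = "no matching teardown in window"
            results.append((m["a"], m["b"], m["flags"], verdict))
    return results

if __name__ == "__main__":
    for row in classify_denies(SAMPLE_LOG):
        print(row)
```

Denies that land in the second category have no closed connection to explain them, so they are the ones worth a closer look.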
 
Istvan Kalmar, Head of IT Security Division, Commented:
It means basically the TCP packet was sent with something other than the SYN flag sent. Therefore the ASA would check its connection table, no previous connection existed and the packet gets denied.
0
 
Istvan Kalmar, Head of IT Security Division, Commented:
But I have seen this message when I used 8.0.4 on a 5505 with Oracle communication; after that I downgraded the ASA and the problem is discontinued!

Do you have a problem on your network, or are you inquiring?
0
 
NWSBexch (Author) Commented:
So this is not necessarily a bad thing, but just part of the "tear down" process?
0
Question has a verified solution.
